Analysis
- max time kernel: 119s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240319-en
- resource tags: arch:x64, arch:x86, image:win7-20240319-en, locale:en-us, os:windows7-x64, system
- submitted: 05/04/2024, 09:42
Behavioral task: behavioral1
- Sample: d02cbee334a80c0b02dab7e8344b6d01_JaffaCakes118.pdf
- Resource: win7-20240319-en
Behavioral task: behavioral2
- Sample: d02cbee334a80c0b02dab7e8344b6d01_JaffaCakes118.pdf
- Resource: win10v2004-20240226-en
General
- Target: d02cbee334a80c0b02dab7e8344b6d01_JaffaCakes118.pdf
- Size: 43KB
- MD5: d02cbee334a80c0b02dab7e8344b6d01
- SHA1: 8aed15e267d0539d7730630daa5f027f19127978
- SHA256: 6f415c295eaf4d0406a9b656af9826da68744029ee78b0a92e1b45f24c16e28d
- SHA512: 81c2bd0654ec83161077bab094cd02f7735dd8a1a2480701872533209bc55716b12ccd3c7fd7dd2dea7c27277f17f60b4644e6e02f7fd9225a8374c6832645f6
- SSDEEP: 768:I4KbqQm/HjT9xC3RZxzqJksjp4bku06JsFz+q1tsQVBZv3Emba/XyhJlsQ:I4KTmv1VJksjp6szygf3ER/XCJlZ
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 1696, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  pid 1696, process AcroRd32.exe
  pid 1696, process AcroRd32.exe
  pid 1696, process AcroRd32.exe
  pid 1696, process AcroRd32.exe
Processes
- "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d02cbee334a80c0b02dab7e8344b6d01_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  - PID: 1696
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: e15524362b61bff8802ce5fa538972b7
- SHA1: cc87891fc98e28e10687afc74fb70382111ad379
- SHA256: 68c93d4d9fe219d158e32eb85ea1febfa58570b285600f17beff15e22eda00a1
- SHA512: 05a4abc6070b6f39b5db7f1ab4146dce1f83bf3c5d82085f11e0e06231e8ee22a1bd456de6f0b865b2e99d5f811cce32eb0971ce033341c7d33d8bdcdeebaa0d