Analysis
max time kernel: 118s
max time network: 121s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 05/04/2024, 13:25
Behavioral task
behavioral1
Sample
d4f4a6c2ea9b4843ac7e7f55f3cec8b4_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d4f4a6c2ea9b4843ac7e7f55f3cec8b4_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
Target: d4f4a6c2ea9b4843ac7e7f55f3cec8b4_JaffaCakes118.pdf
Size: 80KB
MD5: d4f4a6c2ea9b4843ac7e7f55f3cec8b4
SHA1: e3c097662ac7e8b8b8dccbb5c83080891f36c7b7
SHA256: 3ffa1adb9e9dbf318b6edc3c5d1a784332d0f335c247eaba133d777ad52f059d
SHA512: b938490f26174ced061d62bc7aeead945705ef7789df8a669d62c2ac5ab70cabe158680f2d83bafe9888ffb4ffa6377875344369e5032fc79db33d30fc9cd7b5
SSDEEP: 1536:R0WahHoZ/E8XB/PFeyWRyL9CyRZgSeBVqTsQJnFY0iKYh5cUJzy9KGxjtp655:azh6/E8x/PsyvB/RZgSMjSnJ+Zy9Hps
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2076  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
2076  AcroRd32.exe
2076  AcroRd32.exe
2076  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d4f4a6c2ea9b4843ac7e7f55f3cec8b4_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2076
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: dd491f7715ed7acc97e6f0c3141742b5
SHA1: 8d6046661cd04140ef56cf82ca8334cb76bf7b61
SHA256: 6fff96c503e7544a931df807bf4c1500d8830dea672b717bf05fe5aab016c951
SHA512: cd04f31fd4b3dab2840d3af9f6d6bae8bb1b36a34e5ca7dd3d2bc9dacffd89b72fe7db5d7da831b55433c8c1178a7dddac4e5a3afeaa3812890b0e35886ba500