Analysis

  • max time kernel
    122s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/04/2024, 06:14

General

  • Target

    dd4d8cd7a408b8583bea356313fa3032_JaffaCakes118.pdf

  • Size

    85KB

  • MD5

    dd4d8cd7a408b8583bea356313fa3032

  • SHA1

    6d3ad02a5883a27056f50fbe3798c54d43023ff4

  • SHA256

    3e912a849ed93a31e07e0de2be452a32a7e0a716af6cc695afdd6cc2fc398028

  • SHA512

    03bf5ff6e0cf0c32feaf073787c08485680ce306bf4541cd17973bbbb0a9f36393f2120b1331ca5d913ebb3f25ed1a22ea598007b679de417531dd92a1c3895d

  • SSDEEP

    1536:JH51DAyV/ab8jJLcMUYDY1DPvApUk+b9dlJWUyEm1qdv8YWspORN/Q:J/F/ab8RcMUYDY1DIWNpRY14v8zRW

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\dd4d8cd7a408b8583bea356313fa3032_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3064

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    22de456c7af6b7ac75544933a8868d0a

    SHA1

    53a93b7da59ef200cc888a8d219dcc16c171fe71

    SHA256

    42d9a2f91e9838bef3b9cb169c2d5cd9df86bdad30b6a46ea466f23a9c3b8c00

    SHA512

    8bdb003fc37da65a86f9dc2174fec1eebb0e747d4b12cb93afdb398bc8d95bd019d6fa16d43ef97f10ae46f030de4c9982fe059390e1111c2b8018083949b0a3