Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/04/2024, 09:37

General

  • Target

    e1887fadd3e964828f922c5b724f792b_JaffaCakes118.pdf

  • Size

    45KB

  • MD5

    e1887fadd3e964828f922c5b724f792b

  • SHA1

    0aa030809079345e8c7cd913c21944f3cc603f43

  • SHA256

    0b29721b3baa0c8e8b5c8a6c841b1b1bc49f832f21407a02857733c160651f1c

  • SHA512

    c20a689e22b1934730aabed92308cc894cbbd5e88d26607f45ab44e6d2ab3f0c6ad3544f40cea7d8cb33c06b560bb2644cbd94f8ecc850abdcd5653260994209

  • SSDEEP

    768:BrdkO+pT0fwSz0qU0RF8USaETmH9o8XlqrXMZlFJ75o:5qOUQYYUoZSaIy9oUlq7MPRo

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e1887fadd3e964828f922c5b724f792b_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2304

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    44268722eb5cc13294c8e711ab5f86a0

    SHA1

    02ecb6eecd578c41c8cc337091a56a9bc8d8ce3f

    SHA256

    21d661cfbc76e5b5d9d4f8e76b4bff292452eecbd31f074e45d8f610ed6c6db5

    SHA512

    5119075795a5ef889b5d511bf257f75667ee50c2ceb91097c2b3123720e6a4d09ebb0bf5436612c448c0ab808b5af33f6dc411dd1106d2fb810454bf63d8ac9f