Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
06/04/2024, 09:37
Behavioral task
behavioral1
Sample
e1887fadd3e964828f922c5b724f792b_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e1887fadd3e964828f922c5b724f792b_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
e1887fadd3e964828f922c5b724f792b_JaffaCakes118.pdf
-
Size
45KB
-
MD5
e1887fadd3e964828f922c5b724f792b
-
SHA1
0aa030809079345e8c7cd913c21944f3cc603f43
-
SHA256
0b29721b3baa0c8e8b5c8a6c841b1b1bc49f832f21407a02857733c160651f1c
-
SHA512
c20a689e22b1934730aabed92308cc894cbbd5e88d26607f45ab44e6d2ab3f0c6ad3544f40cea7d8cb33c06b560bb2644cbd94f8ecc850abdcd5653260994209
-
SSDEEP
768:BrdkO+pT0fwSz0qU0RF8USaETmH9o8XlqrXMZlFJ75o:5qOUQYYUoZSaIy9oUlq7MPRo
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2304 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2304 AcroRd32.exe 2304 AcroRd32.exe 2304 AcroRd32.exe 2304 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e1887fadd3e964828f922c5b724f792b_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2304
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD544268722eb5cc13294c8e711ab5f86a0
SHA102ecb6eecd578c41c8cc337091a56a9bc8d8ce3f
SHA25621d661cfbc76e5b5d9d4f8e76b4bff292452eecbd31f074e45d8f610ed6c6db5
SHA5125119075795a5ef889b5d511bf257f75667ee50c2ceb91097c2b3123720e6a4d09ebb0bf5436612c448c0ab808b5af33f6dc411dd1106d2fb810454bf63d8ac9f