Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
06/04/2024, 10:16
Behavioral task
behavioral1
Sample
e24e6802d283a1c453a6af8eba335cb9_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
e24e6802d283a1c453a6af8eba335cb9_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
e24e6802d283a1c453a6af8eba335cb9_JaffaCakes118.pdf
-
Size
94KB
-
MD5
e24e6802d283a1c453a6af8eba335cb9
-
SHA1
7ff0115accf9f8a620300629506bded74221ddda
-
SHA256
d549217c47e1679162548250b257471f2f9069f9ca9bd41e109de7c6ec33d154
-
SHA512
a960ae0a5acb22e623f52479ea441a30f0fd8e8f483ddc10ef9275e9def7de40f7342c0e3ae9c3b4f367dc8629f28930b2d1d3f81a07866846b01ebe5a9b3136
-
SSDEEP
1536:rsUHMRbV65wnzvPfe+2VIvuSICj/fwz/W/Um43vI5lWuou9xJCRWOpOwrRtiWE6Z:Y4MBVGwje+2V8uSR/OwUgmuUOwrWW9
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2784 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2784 AcroRd32.exe 2784 AcroRd32.exe 2784 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e24e6802d283a1c453a6af8eba335cb9_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2784
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD53c29df706e4b62537839918e40200db3
SHA199c5c6b9912beec01ea035e208b212774adeb122
SHA256d5d114df924c86ce7a7cd7fe0ddeae00f2daaca4e3f5aed0cf66675ff2a0fe8c
SHA51268d9f97a258b8d27c4a54828df6cd85f2d5e5d3273ce56ad2ce4fe8a507f4196b614ca9e5938eb59355d5ac776d35ed4005b4250e0b7eba08b8b82bac2ff2cb9