Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20240215-en
resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
submitted: 08/04/2024, 20:21
Behavioral task: behavioral1
Sample: e8548881f17b7f1a142ecdca590f2e3b_JaffaCakes118.pdf
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: e8548881f17b7f1a142ecdca590f2e3b_JaffaCakes118.pdf
Resource: win10v2004-20240226-en
General
Target: e8548881f17b7f1a142ecdca590f2e3b_JaffaCakes118.pdf
Size: 81KB
MD5: e8548881f17b7f1a142ecdca590f2e3b
SHA1: 3ac11c0f199e55efbe86743caf72bc3d9571fbdd
SHA256: 59b758037ac859627ef3fcf3d9531f560551350e654d6a94d95138aba22f50fa
SHA512: 90c7e42931064105617088577ea1653b25135bae92b39c8601272c3015c27810dcd26e9a6b8b6c07b17f3610ea9c814e995ea96e4d6c1ef709a39f888cecd4b3
SSDEEP: 1536:d2PzPIrsTU73utZnXvAYqA7a4w/Zn4q9D0DWkNpOPaWnEwaKaobXzgq1:EPDIrsQ7+nXvHqA7Vwhna0PGsaobjN
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2204  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
2204  AcroRd32.exe
2204  AcroRd32.exe
2204  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e8548881f17b7f1a142ecdca590f2e3b_JaffaCakes118.pdf"
PID: 2204
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 83096d86259e7c14431b8148b45229ae
SHA1: 4af3f258a41e384ac4d41e71bccdade9161517ef
SHA256: 6da9dcfac1e390f3fe1ee1cff50fbc181c5976282545f63b1c262c8bf1e3d396
SHA512: 76e7584c2501b7d5ba7c43efa264e939d30e9cd6f9f06bfe1974b57737bb00257229e90686f2fe8714f60211d1ea6b9fd762a3bb0574feae5a9bb3f599d0e87e