Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/04/2024, 08:16

General

  • Target

    e98c91b1f63d74e92454179fdbbfa95c_JaffaCakes118.pdf

  • Size

    75KB

  • MD5

    e98c91b1f63d74e92454179fdbbfa95c

  • SHA1

    0e5962b8307211b30b28ed82a52495434f6e1238

  • SHA256

    781793bf22d6aa3375e7879a344e19440657b1564e389075eb327ed5cdb82292

  • SHA512

    76af16cc5285827f1a84f258bda92164d7cfa73918341f344d0afe2e51128f1ef010920ec0b8d0e8614f2ae08b481154f4d9fb459a547d37b86b0e21c6ba6f32

  • SSDEEP

    1536:KxhMaM5dxLLDFGema+bu6L8kzJP56+Wx2qc9qoW8pO+kdAB:19xLLDFGemaszJPCCqT+kE

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e98c91b1f63d74e92454179fdbbfa95c_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2300

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    05ca5dccc29c9d62240e5bc6c3dd6ac3

    SHA1

    38302c5cd160dad6f1aaedfa0813a0a1263916d9

    SHA256

    56a0b75eb5d2ed83ef1ee5719edad7a988a37b234dc5104c57c73d111d80b75c

    SHA512

    1ce830fae5fd8bb0ef07a0559f8cd7818094377f929672745b2947a21e5e24a2334c5ea5cb65874ccd2cae87ed35b5d46067bc9fac4279dbf583e3c6cc46a4b3