Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/04/2024, 08:35

General

  • Target

    e9953e32454d06db3a758d3958481a3a_JaffaCakes118.pdf

  • Size

    35KB

  • MD5

    e9953e32454d06db3a758d3958481a3a

  • SHA1

    14928ff9c1a1ed12ba662fa25ddd21dac75e6eb5

  • SHA256

    606f7ee956e18cc52b6dc32c6a81970e67eb63a7b373eaac6a3df09aa94e1397

  • SHA512

    81d894420b489e4189522ef20258990291d0bb2669865daea48e6db449ffbcd0e9b5bdabf7d5ae7c53a7f75d45ba9ea80770173ffcfc1a9d6951d4cc63782f4c

  • SSDEEP

    768:DCqloqbJcuspVajjo96NV58JZk98TmSYLXGouPH:Wqlrct9Q5iCmTmH7GouPH

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e9953e32454d06db3a758d3958481a3a_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2032

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    496cc29b22b78e7f0f1719cbd7500868

    SHA1

    75b208cadb46ba274e6912f471606dbe5e9696ce

    SHA256

    0447c104f333ecc1e92e0bb97ee8587d03dfe0f9cd6d0397a31e8c72ce16b7f4

    SHA512

    ad985927e5dc7fe858e98c0cb021d7c095f5593662e552cc528dcdb235844b707f5357d9e7c8e3b30f96dee465a9eb4071ebb495fd3a67fbe588852a67deb8bf