Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/04/2024, 16:32

General

  • Target

    ea6caad75b416e0da1d0293388ce7104_JaffaCakes118.pdf

  • Size

    93KB

  • MD5

    ea6caad75b416e0da1d0293388ce7104

  • SHA1

    ddf6817349f291bf7002ab8f870dbe71235048fb

  • SHA256

    9aeb561497630a92dc6d7143af9c913178d6c2cc3e042bad8f430bd475e98621

  • SHA512

    bb3c7d7dc9e84246bc4c3a6fd5ac2648ead947e24e32a4841a18ff596e78f69c2eb4638828dadd5773d0e79e4c6942d4471bc2fc5c96f660aecf90c2c7e363d8

  • SSDEEP

    1536:/qdz+wv80k3sP1TCoVmyAFAQM56urS9Pi2UbWepOiCWcbs6atFyLrWhuICO:i1l8XFE6urSw9kiKNaOrtc

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ea6caad75b416e0da1d0293388ce7104_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2120

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3d54cd0e9ac8bf5b19aab283ebba4845

    SHA1

    b0c889d9e87d1f4a8087877403cf781065ec1874

    SHA256

    e62a7ceee71a79b95de4df4cfeb6f810e537494131511eaa782d8f02e34fbca5

    SHA512

    9b6a38848706449fd4d1980b31d18023f293932c953802e244562a05c01e40d4ed09def3c7c521f07e34d1a09b1881e5d79694cfdb9d50c380224e1bddd66af3