Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/04/2024, 16:46

General

  • Target

    ea72e0a766d718904692619546d16ba6_JaffaCakes118.pdf

  • Size

    95KB

  • MD5

    ea72e0a766d718904692619546d16ba6

  • SHA1

    4ddd3dc0b456cc21911698b7d19139c0bf97ec41

  • SHA256

    307ee80472ba6aeccfc9d3d49b6b232f3ddedebe7de47002646f482f60dba1e3

  • SHA512

    211cea6957275180cea5020b2d85c8240fbea6595ca8efe2f4f446ad8c8811c630ee978ea7ad6573bf89b8c50d5710105c4dca0fec146a928b9241976b012d65

  • SSDEEP

    1536:8mz+6NDOTAE1xg1ZldP0xANPZl7N/v0/MtNhVWP4g/JK/vjWQpOCoWPS1TPXJ:7NDmT61rdcxANPPx/v37hkvJK/vOCKRR

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ea72e0a766d718904692619546d16ba6_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1400

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    518c2ae8c5b75bc38c3f9bc3027f61d1

    SHA1

    cb396ab57499c5206944ed1f8bd08886537a974b

    SHA256

    f841d7dd767fa02721e67e029e136786a14f8002e08f1a014044053233cc0f97

    SHA512

    cd7f502a90bfa47b360cb38e683b43a7a5fdd991ef0cf9933cac4b31d96aeed0ed6178f1eaa1ced6c95ea427850e85326350b8bccb2f82b22a3680d58e70106f