Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10/04/2024, 08:09

General

  • Target

    ea9f95742f751de42002e2192fe4886d_JaffaCakes118.pdf

  • Size

    92KB

  • MD5

    ea9f95742f751de42002e2192fe4886d

  • SHA1

    0d544ffc64fa8a6a5ec5b698ec506d02ecac9e32

  • SHA256

    806dd2b00ce973ecdeb62af031ff116d3a433296e57ffb72ed0dc87eaa27556e

  • SHA512

    844cf661c82a9c2288a3635b2a2f73074edaa2d0eab4d1ef0f8d418e4607e6d8d879ac2f587130e8476da60d7bb867c9cbfe28e0a65346b6e2b63f47574ccc5b

  • SSDEEP

    1536:k73ZZ6mPpdro+JHr1FLAyqQqWSnrfgKU9W4eeroEIW8pO7Ina:IpZL3JL1FLLCnkhboEz7R

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ea9f95742f751de42002e2192fe4886d_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    41f97e837c33744b73fdccf2a2bc2927

    SHA1

    f2f036a72ea41e2e08b663cd64d03e89138a3be9

    SHA256

    58bab32fe1c3815259f5086c1c012d2649a7e726327e89086571aa04ca24bf6b

    SHA512

    77b17796cf2bd4be9badbc2f282a4251af6c14c76f4b624f52a6083ef184fe22622f2bc96cc6c8a83f92a1c47508bc00523cd440da8848fb777bf15a94fe57dc