Analysis
- max time kernel: 121s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20231129-en
- resource tags: arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
- submitted: 10/04/2024, 16:34
Behavioral task: behavioral1
- Sample: eb80c069979e0a21bbd8b28da5672dcd_JaffaCakes118.pdf
- Resource: win7-20231129-en
Behavioral task: behavioral2
- Sample: eb80c069979e0a21bbd8b28da5672dcd_JaffaCakes118.pdf
- Resource: win10v2004-20240226-en
General
- Target: eb80c069979e0a21bbd8b28da5672dcd_JaffaCakes118.pdf
- Size: 66KB
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2188, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2188, Process AcroRd32.exe (listed three times)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\eb80c069979e0a21bbd8b28da5672dcd_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2188
Network
MITRE ATT&CK Matrix