Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    10/04/2024, 16:34

General

  • Target

    eb80c069979e0a21bbd8b28da5672dcd_JaffaCakes118.pdf

  • Size

    66KB

  • MD5

    eb80c069979e0a21bbd8b28da5672dcd

  • SHA1

    e667b753a7c1df192b0ef8d9e6908248a97b0aa7

  • SHA256

    8ae197deee7c7c94c8411779028db9d848952a2c265009c261ac6279ac3982e9

  • SHA512

    3bb4cae8cd6a7e41638383fa571029c54105e6bb05feb56b90a859aa488a1a37f929616dd752f7373a3df3e30a16c8a3557e88efe09c1d556be084e95e9a2b80

  • SSDEEP

    1536:gKEE6wTN/+hpSNK1NAt+lkM4dm6churGj2jIS/CPfX5T9n/Rwy:X56wTN1K15J4AQrGj2jIS/CfpdX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\eb80c069979e0a21bbd8b28da5672dcd_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2188

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4fd4f32a30e45b3a8c4dca187e505526

    SHA1

    f594d9bb9fc31492ac3419a585d672ba9f745dbc

    SHA256

    bbcb698298f06dee2652fc5f4c7c18d758cd4e126914e0331efb2540c729829a

    SHA512

    9bb2242a11bbc2b5a044b9d5035a9595e3e4ee05ed2dfea9e9a49e839a5768a0ee6301b35217b1e9311d62b62a4832a0f9ab75bfd603af15358b6be41029ffe9