Analysis
- max time kernel: 122s
- max time network: 127s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 10/04/2024, 16:08
Behavioral task: behavioral1
- Sample: eb7453e5448a3441fa9cfba5049c2a70_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: eb7453e5448a3441fa9cfba5049c2a70_JaffaCakes118.pdf
- Resource: win10v2004-20240226-en
General
- Target: eb7453e5448a3441fa9cfba5049c2a70_JaffaCakes118.pdf
- Size: 89KB
- MD5: eb7453e5448a3441fa9cfba5049c2a70
- SHA1: e8040de201c6fc3cc785b5f3b080eb81ff943f1f
- SHA256: 4310de9e0fef0483a045b37b6bd0e3d275b5da8375fb5ee6638c4afff04c6215
- SHA512: 18cb4322d7383b49affd32fb96377b59ec88d07ae3baaf2583828d8302e9d29b56993d89e1605ab52f45f59f602295cd2ba16fcbcb9e3fc09d1809e40179b3d9
- SSDEEP: 1536:8ISAUwh5EicgSZ6iul3evpINGG8XWXcnGLLro4K4IbWU80pDkT1RwWQpOC+OM:sAJhuzbfvpINt8ScngLro4KHR80hkT1t
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  1968  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  1968  AcroRd32.exe
  1968  AcroRd32.exe
  1968  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\eb7453e5448a3441fa9cfba5049c2a70_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1968
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: a2214c1992303897adeb1a93bd3bdd96
- SHA1: 00a8dece755c5d5b53b8e9a52847f3f14411a96c
- SHA256: 7ec9bff63f1eb3f8c5a8e292a11e0b42f86acc51c04ccbea58af4d15d525d7ab
- SHA512: bc3302f515340a4be4c527d0f86d33ba813f2f5b128a9b22235bdaa2f47676cbb0e6f0d727144644a849c9c9afe71f55f199d01bd886f24df74420f551d7f210