Analysis
max time kernel: 122s
max time network: 130s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 10/04/2024, 20:07
Behavioral task: behavioral1
Sample: ebe36300fde83297164b165d6ed853d7_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ebe36300fde83297164b165d6ed853d7_JaffaCakes118.pdf
Resource: win10v2004-20231215-en
General
Target: ebe36300fde83297164b165d6ed853d7_JaffaCakes118.pdf
Size: 31KB
MD5: ebe36300fde83297164b165d6ed853d7
SHA1: 925d4f38492a685489023301f466cb9b88423253
SHA256: 5c37add9a210c90beaefea41436c2af0addb5d3115405cbba55592668030f45e
SHA512: b02af8959515c5369d1bada1d7994fc29dfcddd69b995e29015203c31221e1ccc650ffadcc56d739302c0914f41a1d6b95f5686519a6876fdcce9f76da489cb8
SSDEEP: 768:IgGzpDQ5LNZ5CUa+qwlAvDTAy3i2N3FIfDtrz:FGFc+UrqMA7TJvFI7trz
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 744, Process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid 744, Process AcroRd32.exe
pid 744, Process AcroRd32.exe
pid 744, Process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ebe36300fde83297164b165d6ed853d7_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 744
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: b640dbd4961dbf8b050db3b4acc4554a
SHA1: b4030653b141dea556ad0debe76258cbca5964e1
SHA256: 8a1661f2853eb36fc4ae416956b81aaba74f963324cf1dfeb2269f0fc1cf69d4
SHA512: fff83d0d9aaa71f2e0b40bcee1dc6aa5561b6c40f015e5f046e9233d8c9e58f538d204c90c809c7c5c9b839b2f128c50e6b23e93d59f21e51dd2ccc60f1235d2