Analysis
- max time kernel: 122s
- max time network: 132s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 11/04/2024, 11:13
Behavioral task
behavioral1
Sample
ed4a1ded783c55149a64c6498e8d507f_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ed4a1ded783c55149a64c6498e8d507f_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
- Target: ed4a1ded783c55149a64c6498e8d507f_JaffaCakes118.pdf
- Size: 88KB
- MD5: ed4a1ded783c55149a64c6498e8d507f
- SHA1: c16cce6e35c4c59fcd77ec78c104964e9bd9e491
- SHA256: 30819ee49bdaabb7e43797e923c9afa8851617043e14d034a5e102f537beb27c
- SHA512: 54a53e55beda745bebd60554502a12ccfba61224752f84e3ccd18a45d636ba0b2047622f93092003647d3f9de052b785f58c296e5f81f5c8d8a7d832cd8ee784
- SSDEEP: 1536:svAukcjkeagpfcs6WRgvqawrER2g2PbenHICGFywdSZuA/US0hWOpOwrKW28FbUM:SAuNjkeaSfc7WRgnM42g2TenmFywdlKc
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2144  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  2144  AcroRd32.exe
  2144  AcroRd32.exe
  2144  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ed4a1ded783c55149a64c6498e8d507f_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2144
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
  MD5: 931a1d5dcba39f081b1f61ca04aa73c8
  SHA1: d63e25d8eb03da32c3d7797921eb08340f914089
  SHA256: 36aaa6862ab1e049ec77c42d9a166339b104140a4bb9fa5c38c76fa3fa9aca3c
  SHA512: 3f34916f08b0f0a3558a407841617c2e172cfadb7f09bcb9e6db0b54f505c2bf6fb2579456f933ead0a90c7f66fdb08f8f439e31a07bc52d3379a482886badf6