Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/04/2024, 15:57

General

  • Target

    edcd482ab294e4797ac6c66bd9eab67d_JaffaCakes118.pdf

  • Size

    85KB

  • MD5

    edcd482ab294e4797ac6c66bd9eab67d

  • SHA1

    f430c565f584bfe893a4d77495d9d528211388da

  • SHA256

    2b654079a6d8ff278d2dbb0042c6828f765637bcf89a2ce11b2c455eb9116e72

  • SHA512

    37417c0409d468ef75733564b83f4b0907df4d0d671cdf5372856007c4ecea945967e767f5babe48b70d1554dfaba1624ffba1d8d7a45a16686ee14a4819bd94

  • SSDEEP

    1536:omfq2jliYulplePuJ9hvZLr5NztuheC4lBYmPto3dd3NhX3lcHXWHpOv77KrWKWC:Dfqgl+pIYZ/zxTlotddeFv+WED

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\edcd482ab294e4797ac6c66bd9eab67d_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2904

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    2dc98cc06467be72f5c2ffb151a48302

    SHA1

    72380ea533d0dc72c78ecf2b07c5be3d441c4fc7

    SHA256

    7d0929bb9fca0ad9ff566a2a0978cf9c968e37d8a34565e329989a97b40caa3d

    SHA512

    e9b32d4664d9053ba847e35c534dc41c99188e100de142a5ee15a6e939167fdefcb99ae015cebf9c3dc2f24d5ac8e66ea2dc0b3f4a468e78fc53bdff1ee0fe43