Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    15/04/2024, 22:27

General

  • Target

    f211b97d4da797070751f563ab752f1f_JaffaCakes118.pdf

  • Size

    96KB

  • MD5

    f211b97d4da797070751f563ab752f1f

  • SHA1

    cd59db323882fd414088a6ec8d92eccc080cf6c4

  • SHA256

    fda448b1fd92b9f344cde6c40d542d0650fa1e52265b745bc77425def7f7f28b

  • SHA512

    4374f8094444af6a244ca7515e64141e9ac988bb7100965a2996de8836f9046cbb6a32956db2d43d89bbc575990302addad9738173a8cec968f12c390f38313f

  • SSDEEP

    1536:Ksa1P0cScuOja+roeeGs/PdsOFi6eGbPy5svNCp8KAdh4XM//jNeWxApOGzW8RNn:NRcFgqQxFyGr13tOM3jNL3GbHT64

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f211b97d4da797070751f563ab752f1f_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2956

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1013d24e141afeeab015419ae9ed98c1

    SHA1

    d01f2c25bec1b953843fb5ec06f7df40ff5bbf5d

    SHA256

    9d9484bf0284f45d5c2d2c80d1d3f78d1f69766cdfe4a752999a046beefb7140

    SHA512

    fa297aaef1c605fd218b0e11c6b863a384c3c4fd87120a0244af39f2f60aabc5484b8cfd048fe80a7f521af65455db0c48dc5b9deb4f081326bb33e70955054d