Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    15/04/2024, 21:19

General

  • Target

    f1f270c94f5e279ad5c0028109097831_JaffaCakes118.pdf

  • Size

    81KB

  • MD5

    f1f270c94f5e279ad5c0028109097831

  • SHA1

    2cd2dac9a80df6442fcfe8b764eeb1d7157b5083

  • SHA256

    9838bc131c7234ed305f972848354be269f3097de817501b1209dcad76d5ce2b

  • SHA512

    60d98fe33975818886a2c0ceec78b2d4c3e6771a2a579329f4a28fa40a242b22973b2d8fd67e7249bf9acc0de743041d88ed0882e68c97bfe8ee3b06504596d8

  • SSDEEP

    1536:tYLzgCILGOw4fbBX84FNcrDMu9a5CaWTh3TYW7rzuMC4bg1pRWtSW8pO+uS0:iLbISF4fdXV2M8a5/i3T73fC4bE+t9+w

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f1f270c94f5e279ad5c0028109097831_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2992

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    520e597fcb3c8debd11567c357c88dc6

    SHA1

    73291ee9234bd70a30bcd0cf1a82eedc009ea687

    SHA256

    ae084da024277be3c06019f7d61e17ae98bbb148e9c7be13ca2f36cc77290428

    SHA512

    365c568686cf0037ccc61b6b511183a46e64b9ff90f40dac27c4b51b9fdeea568122b4dc87b021adb08ad65e05aae934e3c61f9b3165ba9f12c8d6203838fa34