Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    16/04/2024, 22:00

General

  • Target

    f46bbf25c7cd15b10a18c70806aafa09_JaffaCakes118.pdf

  • Size

    75KB

  • MD5

    f46bbf25c7cd15b10a18c70806aafa09

  • SHA1

    e05b2db5326544978350bee0bcb9c2fed73dbd4b

  • SHA256

    82c8ba3d5ea5a924193a90806c18e426ff6a4ba6574c324a39248a6c3f3ac5c3

  • SHA512

    2331fa0433fe8f4ce6504dfa1354503424163dd03e90e4fb783033efa31e4b22238418cc076f7d424c0f2fea165e4938a63f7f1ee42e6573eed2fd8d10c69989

  • SSDEEP

    1536:DCz0VPlO9l3ztRIcMurEopuH57PER+mm9m+zScn:2z0VPs9l3kPu7pYlPEEmm/zL

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f46bbf25c7cd15b10a18c70806aafa09_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2940

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    db6d14a06624db3489e17e8a018bcb85

    SHA1

    c115307446e30998dfccba2e0383e8efb23607bf

    SHA256

    ad2913642c39d66aea0414cbaf5e67e8591a4dbaeed6db297ecaa5ff68c7a960

    SHA512

    5c82873d94ce6b2e7dbfc926e2dc5f3a79a889c614b3bc7b6189951250fed56befdac62a72806044ef35f91bb7576d8bfbb6d83cc81eb5e47d0db6ad140b92df