Analysis
max time kernel
117s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted
17/04/2024, 05:28
Behavioral task
behavioral1
Sample
f5221b6ce04b05df08f98640c70aca91_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f5221b6ce04b05df08f98640c70aca91_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
Target
f5221b6ce04b05df08f98640c70aca91_JaffaCakes118.pdf
Size
84KB
MD5
f5221b6ce04b05df08f98640c70aca91
SHA1
8f4930f014c2752686052b39dbd4c7429afd85b4
SHA256
3ed31af3a64ec37f219040762e52a4332c3ef10e000ca584589f706b0684a59d
SHA512
8c13a253c08c840ea0ed1e91025b99c6f892dfd6125686db968d877f5cf19d026d6d09a7f14c2ad4e641c6d1500bbecb965540a70e23b2fb881b1c8b5cce9f4f
SSDEEP
1536:cVT5Ob9ZjLAACsRR6Bgc/wu1e4cOuprDOmmFoEgWqTW6pOu26WuTJuGulsXG6Y75:ITQ5ZjLAACFBgc/wu45OkqDoEDqYu2KU
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 2344, Process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid 2344, Process AcroRd32.exe
pid 2344, Process AcroRd32.exe
pid 2344, Process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f5221b6ce04b05df08f98640c70aca91_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2344
Network
MITRE ATT&CK Matrix
Downloads
Filesize
3KB
MD5
af508d4a5fe211bb127af16876dd6a4b
SHA1
752bcb05f75ba857b1ab8972ddcd08bec341a1a8
SHA256
edf3e95beaf53169282fadda480731dcf5fc3b4e0da21051dc94653c62b912c3
SHA512
b88c157d3759220495a48f972108071d5d7725eade8a02f50ec045ebbc8e663cc4bf9d6cde3497a772686750a2f3db2a08f6ed48173b9f66f70e9b42dc2eeeda