Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    17/04/2024, 07:15

General

  • Target

    f54254c79ae573fd50f6a53d2cb3b519_JaffaCakes118.pdf

  • Size

    83KB

  • MD5

    f54254c79ae573fd50f6a53d2cb3b519

  • SHA1

    07be23deec8aec14fafa6369c81bee5c5713794f

  • SHA256

    f5d6e525d8f4a93689649fb65a28b7df038b5b2990985921997e1da51a7acbf0

  • SHA512

    157f4a1046f8f2ff7645a99ac220d6e9a96e8ae0c6e7c1934ced23f916fa679d814d21a2dd5a1764b08b44ef832595b6407fe17a2f8902b4229556664c872c50

  • SSDEEP

    1536:+PlKMJelqkoUTK3cVH0Vetx8m0xjWcWfLtSwOrehyWOpOaZIgFB4q+5z:+lKMJEoUT/UAtx8m3DZSJYHaZ9QJ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f54254c79ae573fd50f6a53d2cb3b519_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1760

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    31cd147719ce36880aaf994868483d81

    SHA1

    718c5f2c3d56727c5a9034351f0dc7feff78e4d5

    SHA256

    8bf20be437076f1067a4f25e3f283c96dfc235a30c6ea22b897d5b0c51718266

    SHA512

    78c6bb6213c309bb92f06b475d69c8b003d0ff36b5d5972d98f9a8ac17d268e8fc8d5f794bbe3bef1837cd750a1010500f3b51618053d483bf4f17176e7b6711