Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    18/04/2024, 01:15

General

  • Target

    f6fa421f1fe270a1971d7d6bdb5d4285_JaffaCakes118.pdf

  • Size

    85KB

  • MD5

    f6fa421f1fe270a1971d7d6bdb5d4285

  • SHA1

    d7fea56a00a1eae295d72d1c7a6919d36a33e4e8

  • SHA256

    482cd934731ed291a3f32c4d549260d3a3d2d896fd3ce4273c8ce4754a460699

  • SHA512

    7d28d4fc7005daedad9575fe99ea832d30ff6a4c814c74ebc235fd62bdcd4e600ffce03deceb55a68b47f82e7c6e772c2162940c37d32419d414111b115cd5b4

  • SSDEEP

    1536:iGXNTmb5Q0ZqviL9NY4WAhUWOVWUcIFabhWCpOVirxZWBAg0W/Hb:JNT25Q0DJWAf69FrVirxzglD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f6fa421f1fe270a1971d7d6bdb5d4285_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3068

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    16b1ccbdb21e85094bcafaf3d8f7e998

    SHA1

    90f3ebe243c1ddb0d234a5d87cd0ca2509e43083

    SHA256

    3b46a1a7050d45c94f0d6d1eda005ab4c003bc3e29e4c06ab259bf1011e97d16

    SHA512

    97adca29c03430ae28951f2332884deccdcb8b32e3c72eaca797b8cf5a4ce23b139184c8715cea5afce1ce24fae2f6f7d3c4b5a4ff9236b675b8f4037569df21