Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240319-en, locale:en-us, os:windows7-x64, system
  • submitted
    18/04/2024, 14:06

General

  • Target

    f82893ef46f6f64fc92a9b9f7b16038c_JaffaCakes118.pdf

  • Size

    97KB

  • MD5

    f82893ef46f6f64fc92a9b9f7b16038c

  • SHA1

    25d3b1159a60dea4e950d66add0d10888d3d53c1

  • SHA256

    f75031467c456f06e4ddd59d0a60179708457ddfaabc586fd560ddedffc9c0aa

  • SHA512

    46405cdb72d7832c368fdb0949ea01aa7152f7ff9b43ddb7339790f63fd0fbf6173197b07dedd454c5342757b235648aaa7d0def3d2ca4cba601ada8a9d5c451

  • SSDEEP

    3072:EMXylg26sAEeBzKg9TbDGj2ViRN5AWwfA:EcyibHGiGj3N5AC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f82893ef46f6f64fc92a9b9f7b16038c_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2884

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    8d81ad19397c8ebe869cedb387f0799c

    SHA1

    33b3f491a21720ab827c45824ab756eeb569abde

    SHA256

    d2d2ecd776e724ef7a95df7c52db17d05cf1f0c1e125c7d1f1106788c39f67b0

    SHA512

    bd51573d20e3675e0bd3644874d8de593c56faea1a1bc49e66d7e8763c62a8b4109c79a2b355534a5ab67f3ab260511b2ae0faa0494fc4e426af2cd1aa2dcdb1