Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/04/2024, 21:51

General

  • Target

    fb3e0fec8e757f9f01dda57cae9208b4_JaffaCakes118.pdf

  • Size

    36KB

  • MD5

    fb3e0fec8e757f9f01dda57cae9208b4

  • SHA1

    44c01ed9ab0f1f4d3719d481970726c09ebecafd

  • SHA256

    776065cbc6bf01d5b9efc2863241acba9ac5f8a6fc4c70a9a30626b72579b1ec

  • SHA512

    ff0ae5b0b06609aa96b6b1582aad184c80409ec92fdae9bd21eee85d83b67c4291514b372cbc363c6419a10ab5d22d088d08f1e2b2275d8b1487a6852a76389d

  • SSDEEP

    768:ZphqE1fv+iHeCcGIoOsZQ2fULIb2lP3jMuTOew:Z/q4S9GIoxAJpTMBew

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fb3e0fec8e757f9f01dda57cae9208b4_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2352

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4e7ef98aa0794a6dae835a94e7c0f3f9

    SHA1

    2a9fa60543a099b07065335027896a528aecef14

    SHA256

    e4ac2050c93cea58617738d6d0117222865fcf4ecc64669b2ec237cae7da6bbe

    SHA512

    57c695224e4680af0a880d597674ebdaedf0cb253f15c27775e227aa25916d3382a9b31aa4b48f482272d98e594ab489aeaeaa03793d80daef3e9391f3c313a0