Analysis
- max time kernel: 118s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240220-en
- resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
- submitted: 19/04/2024, 15:31
Behavioral task: behavioral1
- Sample: fa9b54feb4361dd1af0da3e7e5c2185f_JaffaCakes118.pdf
- Resource: win7-20240220-en
Behavioral task: behavioral2
- Sample: fa9b54feb4361dd1af0da3e7e5c2185f_JaffaCakes118.pdf
- Resource: win10v2004-20240412-en
General
- Target: fa9b54feb4361dd1af0da3e7e5c2185f_JaffaCakes118.pdf
- Size: 83KB
- MD5: fa9b54feb4361dd1af0da3e7e5c2185f
- SHA1: 0eb6c51721bbfa0e3c1e921961cfc4b7226c1648
- SHA256: b3d9752e20cd624db8bdcb2f3ce6209a89fda05fff8d9fca82a15e0d90c8c49d
- SHA512: a8c35268b999d49e43f1fec513f546e64ba36ce2fa7ac605d3fd9e98c7d2c217b8e90873cbde33120b650e1e7f1ba7cc762af8722cebcdbfea4224114a2dc570
- SSDEEP: 1536:huCAnjkcah6r8AqnfYXMnFaaRIGPjnB/fWCpOViSafWETi7cqHf:ALnjkh+8b0MnFaaKGPj5IViSaxTiIS
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2908, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2908, Process AcroRd32.exe
  pid 2908, Process AcroRd32.exe
  pid 2908, Process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fa9b54feb4361dd1af0da3e7e5c2185f_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:2908
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
  MD5: a689f3bfcff7fc37e57fd488ae260894
  SHA1: 5d43c183dd503fda7cbc00d58995d87f8c47e634
  SHA256: 9cd8f98d424183be4e007b7d5715d069835ada01fce3f8b4180597b7821f64e2
  SHA512: a23003be612ab5b757d2bc4b0a356173f12b6d88f75ef69954e9416a02992d777804ddef908f334ef149db286004f1ef09fd8a1096d454bc7d87298d821b7ab7