Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    20/04/2024, 12:24

General

  • Target

    fcc3988e9432b435ad146d5e39fb3b5d_JaffaCakes118.pdf

  • Size

    83KB

  • MD5

    fcc3988e9432b435ad146d5e39fb3b5d

  • SHA1

    294f22ee4b2f8d1934b347413c23fafff219b268

  • SHA256

    9dbeacb3ba7515554708cac19aba9eea8bbe6fbe5cc20d73bb668c24b310117b

  • SHA512

    939b9f9c3f8afdf40e6111b812563aaa3f28aecae368a61ca709ea6a5557b472f95dce2fc40411842ea94d3f462b5bd06db695beb4c498db2f3a6450ad7db2bd

  • SSDEEP

    1536:d6YHhuHkWllmItqB50pRbsAORsLBsEwmwKrpvd90W95DXaeG/WgFJW8pO+kK6:cGekMldOuRTasLemXNfLDXNG/7FI+Y

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fcc3988e9432b435ad146d5e39fb3b5d_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b5e1e74ad3feb84c2a657a347d844edf

    SHA1

    aaa68fcf7638e19ad23e1d70588a00420a0a1a07

    SHA256

    7ab75984c381e5a6caa9d978ee63a67552ae97cb066ecc4e0d9f85018545c028

    SHA512

    6b7dbf2faa8c8b12e104b5617923556803cd35baf88612ceee1b3fda3759d0a8b5bb72d51b37079826b7d16ca585e90c695df1c63170aed182521bc6c7cf74a6