Analysis
- max time kernel: 118s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 20/04/2024, 12:24
Behavioral task
behavioral1
Sample
fcc3988e9432b435ad146d5e39fb3b5d_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fcc3988e9432b435ad146d5e39fb3b5d_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
fcc3988e9432b435ad146d5e39fb3b5d_JaffaCakes118.pdf
-
Size
83KB
-
MD5
fcc3988e9432b435ad146d5e39fb3b5d
-
SHA1
294f22ee4b2f8d1934b347413c23fafff219b268
-
SHA256
9dbeacb3ba7515554708cac19aba9eea8bbe6fbe5cc20d73bb668c24b310117b
-
SHA512
939b9f9c3f8afdf40e6111b812563aaa3f28aecae368a61ca709ea6a5557b472f95dce2fc40411842ea94d3f462b5bd06db695beb4c498db2f3a6450ad7db2bd
-
SSDEEP
1536:d6YHhuHkWllmItqB50pRbsAORsLBsEwmwKrpvd90W95DXaeG/WgFJW8pO+kK6:cGekMldOuRTasLemXNfLDXNG/7FI+Y
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2904, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2904, Process AcroRd32.exe
  pid 2904, Process AcroRd32.exe
  pid 2904, Process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fcc3988e9432b435ad146d5e39fb3b5d_JaffaCakes118.pdf"
  PID: 2904
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
-
MD5
b5e1e74ad3feb84c2a657a347d844edf
-
SHA1
aaa68fcf7638e19ad23e1d70588a00420a0a1a07
-
SHA256
7ab75984c381e5a6caa9d978ee63a67552ae97cb066ecc4e0d9f85018545c028
-
SHA512
6b7dbf2faa8c8b12e104b5617923556803cd35baf88612ceee1b3fda3759d0a8b5bb72d51b37079826b7d16ca585e90c695df1c63170aed182521bc6c7cf74a6