Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    20/04/2024, 15:43

General

  • Target

    fd1a566ecbf874d6ef1fd8ad7652e155_JaffaCakes118.pdf

  • Size

    50KB

  • MD5

    fd1a566ecbf874d6ef1fd8ad7652e155

  • SHA1

    c8afaf45b03e58ab5957307bf59e71fd4de3170b

  • SHA256

    8d8d7b44fb7704eda120ade40237c6498cefcd233e24719ed6c5181e57ae15b5

  • SHA512

    6b6d483767d086f95fd43278277fbefbdb80bf785afab4ede5f9a644055b6e65338bd0144824b79b5070cc006e1a83747e10e9c35fd9cc134b8b172f6aab57e5

  • SSDEEP

    768:Sur8TxqG6snyls4awBBzn7f6cibpZ/NIJdZvILcln5u/Bg8tq/9u0KJ0pc6fvcDC:Se8VqGlny6EBBz1ibaJdeLdgKJ0RO2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fd1a566ecbf874d6ef1fd8ad7652e155_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1704

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    5471bd47b05a55bc7f9ab05e72e223b0

    SHA1

    dc72fa4fba6a012a7743fee5fffe8d4f533f0896

    SHA256

    9d234a1d94e004eec6785680372a4e92e34d5a6a1f1b0b4d078d37411416380e

    SHA512

    c8230ea6c1234e4d122e0db21ea7338e4218e92dc6b9e590a954c10848f4da01637e99345a7852fc20fbc21278fe5f628006d5139b7289353586b6120bd0c707