Analysis
max time kernel: 119s
max time network: 124s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 20/04/2024, 15:43
Behavioral task: behavioral1
Sample: fd1a566ecbf874d6ef1fd8ad7652e155_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fd1a566ecbf874d6ef1fd8ad7652e155_JaffaCakes118.pdf
Resource: win10v2004-20240412-en
General
Target: fd1a566ecbf874d6ef1fd8ad7652e155_JaffaCakes118.pdf
Size: 50KB
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 1704, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 1704, process AcroRd32.exe
  pid 1704, process AcroRd32.exe
  pid 1704, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fd1a566ecbf874d6ef1fd8ad7652e155_JaffaCakes118.pdf"
  PID: 1704
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB