Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    20/04/2024, 17:17

General

  • Target

    fd3b851ef05f59268d6eb31dee2200ee_JaffaCakes118.pdf

  • Size

    42KB

  • MD5

    fd3b851ef05f59268d6eb31dee2200ee

  • SHA1

    bc53af5cf305707cd0dd1b22a590726cdacecabd

  • SHA256

    0a04e113eeb08262d206b3675927bf709f790184e6c27619841c4bc45e7b57bf

  • SHA512

    abadc0b65305d9fec5bb5518236aec13e1a58a5d56a1c7be7d0c89d6317600b48cd8b06676a256605f77cecacbd4539560958fd0d007a42d8ec38f256844c932

  • SSDEEP

    768:WOcTKfL6Oeg61nqDOoIE0y5HXxhDwQ1TDJ7s8qvoo38QhITnf6B:GTKfZeg6//yV9Bw8yoo38wOnyB

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fd3b851ef05f59268d6eb31dee2200ee_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    5a07f2c1987f1e6615d9a6716d0e4106

    SHA1

    3d627ac0f9f55ac36e08837ea4137700517815ce

    SHA256

    a1ab7f47eb83812bee62f5e6325528060ba9a5170deae2e379db84e669059a87

    SHA512

    f28d7d80f350e02b7b0abceafa13e0fef2e9135d4326617a36d8d053476b7c78abd71b2d7d755119ba8be08bed073af78fde07231d57f9ca5e2129214aa3eb65