Analysis

  • max time kernel
    119s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    20/04/2024, 21:14

General

  • Target

    fda95ac31e2bca5fb81946446dddfe35_JaffaCakes118.pdf

  • Size

    90KB

  • MD5

    fda95ac31e2bca5fb81946446dddfe35

  • SHA1

    90563a85dca3daab03dea97b548c627f3fc55a11

  • SHA256

    57d996a38667484ddf52a5b230ce3553fefae66f6f5496b2bddcc832f9855999

  • SHA512

    2060201fc094d8ca6e025b9f6d8a5468e920b5afb205c7869229ca74aeb5cbbc05522a4db73179bf5bd39ffce72521595f984e12a719fad11c713380489627b9

  • SSDEEP

    1536:J4bCteeL78Pag6DN2T5Po9AsycbBLUfXAQczaW9VPv1FsI4THkKtWOpOwrPgISJz:ybEp8Paju6AsycG/cz7lIfKwrPPSV

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fda95ac31e2bca5fb81946446dddfe35_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1300

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    46dc3e260417cdcf1e73f183d716b7ff

    SHA1

    af227651e15b7f1eb5c22a95a195272a9ba266f3

    SHA256

    c4545af8b09b1b7a3fee6be3eba8d024af3533c38f63e3a255be0cb48b40ccca

    SHA512

    521c0dadc8f124b6e93306a62985ee09144b5864c126a0f1af59480eb5b01c989db91d97bccba31d9df9d853a5714e56143b14198571351f197c717b93efadfb