Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

feedf36595...18.pdf

windows7-x64

1

feedf36595...18.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2024, 09:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    feedf365959a842063b599bb55f54555_JaffaCakes118.pdf

  • Size

    67KB

  • MD5

    feedf365959a842063b599bb55f54555

  • SHA1

    4f387a8e8319268148c45dbea87743af3ec8f570

  • SHA256

    39529c97d57f64fba615ce6bab4e237513791203b2954a5ea96400903bbbe806

  • SHA512

    d1d5af325f1d9b17ec1a4025f6d918a9396631958d5a68719876518de71fe1b419c54e3fd26d23a06cb6daa87e03b1055a150363645211f42beadba5e8138a11

  • SSDEEP

    1536:k1D9dI7t4NsSPPyJ5e3QlpvmIb5ACbjSS1eijQbmWb:cD90KXmpv5AnS1Jkbt

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\feedf365959a842063b599bb55f54555_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2356

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    20829191ba1819f9bf76f13d7e44d2a2

    SHA1

    f3bb21c066a40138a7718685400929722aeba00d

    SHA256

    b4eba6f23744ed6e89d7cab71036f4bf20ff418ff13688e85aa0f177d17fae30

    SHA512

    77aa1e159f85d4363e7fcef8aaa6a5ec22044fe187c32e31024e27345e57a1b423c13a398e7a6ef1631209d33a83c2ce3ce5eb111c0e5a36357debcd959f9bd9

    Download Submit