Analysis
- max time kernel: 117s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 21/04/2024, 09:04
Behavioral task: behavioral1
- Sample: feedf365959a842063b599bb55f54555_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: feedf365959a842063b599bb55f54555_JaffaCakes118.pdf
- Resource: win10v2004-20240226-en
General
- Target: feedf365959a842063b599bb55f54555_JaffaCakes118.pdf
- Size: 67KB
- MD5: feedf365959a842063b599bb55f54555
- SHA1: 4f387a8e8319268148c45dbea87743af3ec8f570
- SHA256: 39529c97d57f64fba615ce6bab4e237513791203b2954a5ea96400903bbbe806
- SHA512: d1d5af325f1d9b17ec1a4025f6d918a9396631958d5a68719876518de71fe1b419c54e3fd26d23a06cb6daa87e03b1055a150363645211f42beadba5e8138a11
- SSDEEP: 1536:k1D9dI7t4NsSPPyJ5e3QlpvmIb5ACbjSS1eijQbmWb:cD90KXmpv5AnS1Jkbt
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2356  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  2356  AcroRd32.exe
  2356  AcroRd32.exe
  2356  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\feedf365959a842063b599bb55f54555_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2356
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
  MD5: 20829191ba1819f9bf76f13d7e44d2a2
  SHA1: f3bb21c066a40138a7718685400929722aeba00d
  SHA256: b4eba6f23744ed6e89d7cab71036f4bf20ff418ff13688e85aa0f177d17fae30
  SHA512: 77aa1e159f85d4363e7fcef8aaa6a5ec22044fe187c32e31024e27345e57a1b423c13a398e7a6ef1631209d33a83c2ce3ce5eb111c0e5a36357debcd959f9bd9