Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system -
submitted
21/04/2024, 11:17
Behavioral task
behavioral1
Sample
ff288a62cff3ec1d6922622f0e6e6654_JaffaCakes118.pdf
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
ff288a62cff3ec1d6922622f0e6e6654_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
ff288a62cff3ec1d6922622f0e6e6654_JaffaCakes118.pdf
-
Size
85KB
-
MD5
ff288a62cff3ec1d6922622f0e6e6654
-
SHA1
92762c4cbc4558eb3d4856a90ba0d92e5561dc87
-
SHA256
561f72d486ca252689089d528f5889051dd0a7af39f70ff8aac8211eceb88371
-
SHA512
6a7bf7f8072e178d263a1d41a5febb2d3a1be3c55d28544a738f4f42305790906402ae569dcfb06e0477a8e7ae824376d7a1760acaba193595c7ae1879c59457
-
SSDEEP
1536:PhXUrDViZkofkxh7zHx8Uj3P7baqXONn5xat0TgkYyRxF7re2HMl3NoWJwdlRkbL:arDViZkofSzHyUiBTaCT7YqxZe2HML5b
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid   Process
2240  AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid   Process
2240  AcroRd32.exe
2240  AcroRd32.exe
2240  AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff288a62cff3ec1d6922622f0e6e6654_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2240
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
2b0e5027211294bf4848d2d27b899234
SHA1
a89338198a7717cff2bf0d6edade85811085f3d4
SHA256
e2f92579644e7769d26f93816f90c1eb20afe21700f65c211167754553033ce8
SHA512
eb40228e9eb39ca1a1179242c25559b6d4c0070c72bbadda06fcb189c10ebd303144e00d940aba73b7c60678e628a4ffb1cfd3821c87fef1de0a24407f9da15f