Analysis
- max time kernel: 122s
- max time network: 124s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 26/04/2024, 12:05
Behavioral task: behavioral1
- Sample: 00bb18d009ffe1998463458e4478448f_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 00bb18d009ffe1998463458e4478448f_JaffaCakes118.pdf
- Resource: win10v2004-20240419-en
General
- Target: 00bb18d009ffe1998463458e4478448f_JaffaCakes118.pdf
- Size: 38KB
- MD5: 00bb18d009ffe1998463458e4478448f
- SHA1: b7db696d4b909ea72cb0fdb239cd6ae0bee661d3
- SHA256: 8f10871f0ea0277c0de1ddc3e777c1cb481e93077ef729aceed136525514c0ad
- SHA512: 0d360d0662429fd5c65532e464e1c4a10ee33def90e239d5f00a0cf53435044a0875bc4995623de7d7442db9c87f4f05a2047e1076b04abd6ea47a4b8384f1fe
- SSDEEP: 768:FgGzpDepvpnfOc7Lm+W+4C2xO6M3VhyPHnazgV0QR10wJ/3L7fhC:WGFCpBALX68V71j/3L7fhC
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2152: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2152: AcroRd32.exe
  pid 2152: AcroRd32.exe
  pid 2152: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00bb18d009ffe1998463458e4478448f_JaffaCakes118.pdf"
  PID: 2152
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: fa61f62c9faa8aa8d7df9e4b35475cb4
- SHA1: 6fb0e688764feb6554e0562a9773d95570c93be4
- SHA256: 24686e5cc256a2581257e32750e95fba88c91e0764eebfdcec81da3e3ec70991
- SHA512: 814c88847d11270473f7be5c6231aca1779395fd9e5374bbbc18c11a45f239c1bb311a5b5dc69d46b5676332f3c0c8ead997bc935faf98222e2498fd0dc0966b