Analysis

  • max time kernel
    122s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    26/04/2024, 12:05

General

  • Target

    00bb18d009ffe1998463458e4478448f_JaffaCakes118.pdf

  • Size

    38KB

  • MD5

    00bb18d009ffe1998463458e4478448f

  • SHA1

    b7db696d4b909ea72cb0fdb239cd6ae0bee661d3

  • SHA256

    8f10871f0ea0277c0de1ddc3e777c1cb481e93077ef729aceed136525514c0ad

  • SHA512

    0d360d0662429fd5c65532e464e1c4a10ee33def90e239d5f00a0cf53435044a0875bc4995623de7d7442db9c87f4f05a2047e1076b04abd6ea47a4b8384f1fe

  • SSDEEP

    768:FgGzpDepvpnfOc7Lm+W+4C2xO6M3VhyPHnazgV0QR10wJ/3L7fhC:WGFCpBALX68V71j/3L7fhC

Score
1/10

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00bb18d009ffe1998463458e4478448f_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2152

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    fa61f62c9faa8aa8d7df9e4b35475cb4

    SHA1

    6fb0e688764feb6554e0562a9773d95570c93be4

    SHA256

    24686e5cc256a2581257e32750e95fba88c91e0764eebfdcec81da3e3ec70991

    SHA512

    814c88847d11270473f7be5c6231aca1779395fd9e5374bbbc18c11a45f239c1bb311a5b5dc69d46b5676332f3c0c8ead997bc935faf98222e2498fd0dc0966b