Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/04/2024, 22:10

General

  • Target

    03bc9750b60a5743e00dc2a0a1c1e502_JaffaCakes118.pdf

  • Size

    54KB

  • MD5

    03bc9750b60a5743e00dc2a0a1c1e502

  • SHA1

    ea98167c3707cf5955d93d2b214c4a326d6a11c1

  • SHA256

    7dcdd140544e1a86aeae9949d3466b23999f0b24670c2066b76c75533add5707

  • SHA512

    6abeb1a3a951194c2d5b48cef966ce55458453e0e1bbb7d2364b25f5db75c098fa376af735847e1f1ad875f58cf707e79138f6bbd28a7a1976d4e30ae12d8f4d

  • SSDEEP

    768:pgGzpDIOHapyoSeD7nBb/Xo7grQA8DWm3cEhOhIA0MZj2wuZcwB4wlWnlANFmt2d:KGFcOg/X1PLAEjmZcBwlWls0t2d

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\03bc9750b60a5743e00dc2a0a1c1e502_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2388

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    506aceb1b5e7888d52ea39a5d1554ca3

    SHA1

    d0ff3afff3352cffa911ab47e2c4ad44f8905f42

    SHA256

    9e855c4a879042d80027959d9ff68e09f5c2c119489ad453d68f7463564e126b

    SHA512

    411b8e35a3ef9a1a82f0869dbf7aa960e83fbca3d4e360a7f2b7abc1ebe91b4b47e530f517ab76623fbe9d4bbdfcfa6945ed7f24491f659c64e71ecd588b4b28