Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/04/2024, 12:55

General

  • Target

    053ca89541bcb6c89bcbde37a8266a63_JaffaCakes118.pdf

  • Size

    42KB

  • MD5

    053ca89541bcb6c89bcbde37a8266a63

  • SHA1

    ac24299ed3002adae105afaacbe9cfd350d29d8e

  • SHA256

    de925e52320dfc8b772e3c3a91d83a162c0c7c51b2f9a456905b77ba19ce301e

  • SHA512

    1863b08deae21b8693de37f6167f4be047945772327cf6ed130b3a916a4e1b8af47a6daa7f94585eedf9d6510e1a6f2a5e11af12d4972d95fa024a028e4ad499

  • SSDEEP

    768:2JgGzpDvKISuqATATgDGDv3dtwvTUgfgv011JieKNMelSK85TW9Yx86pmuJ:3GF7KTKTUgIv01SeKNx9eBu6pmuJ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\053ca89541bcb6c89bcbde37a8266a63_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2944

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c2f016ecb84b8704b82099482cf9c604

    SHA1

    90c37ccc80b27625a289fda9ca45a24b5ad39571

    SHA256

    ad3ddac242190516177c09010f0de81de5be3f83b19bfa7dd10c89a085b22675

    SHA512

    43b01a8812eba6d14a1f74662b95387b249a22069cdeacf2d700358c2cdf45a7ef40eb8720296e495cb10f154671795c58cd5a58cf90a9834d00395074a0d268