Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/04/2024, 06:18

General

  • Target

    07013b6deade60872546a16d61c0606e_JaffaCakes118.pdf

  • Size

    44KB

  • MD5

    07013b6deade60872546a16d61c0606e

  • SHA1

    d57091e8d82b6208f3fd3795cb55d6175d162093

  • SHA256

    a6f0a864af5616a366a239a344823687867ea191f0949bf7d42cd97f973d9298

  • SHA512

    daee3ccfa87827a5c062d69e8928a8ff00e39a0f2bcb838101f4fdf18af5cf002f709532f9e7fe9a7738808fac5e7a7581a333f8b94d3d0542e69c48d7321773

  • SSDEEP

    768:qgGzpDcpRsLW6Ghh+9I2YW62PSMsc7KJIa2ae5PFUmCQFZokSMBFoztv:3GFwpRwPBsc7K6SiPFxCQFZokZCtv

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\07013b6deade60872546a16d61c0606e_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1968

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    97ff8bc77f3dfe6128d3177c848f7b3d

    SHA1

    61383c96d21823712aae8b92ab985a48ac3d8c8a

    SHA256

    e9c0aeb3da221b89bee25f4e4475cc55dec2862c520f1c02e11178ca58fba629

    SHA512

    3fa05f7d42316c42d0e845c0d35cfa76c596b14e3342a9e7bc7344f7f750f9d15cba7b86ac82bd6a74296658cdda9e4fb01d7c5a71ec78cc2ea172370389367a