Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

0820c474e3...18.pdf

windows7-x64

1

0820c474e3...18.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    29/04/2024, 16:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0820c474e351cda4bc531ff7e1230d09_JaffaCakes118.pdf

  • Size

    101KB

  • MD5

    0820c474e351cda4bc531ff7e1230d09

  • SHA1

    64dee4df5ca248af74ee00e042a654f0b43f7060

  • SHA256

    58ef37e141500d5bc9b9880d716db277296c4d07a364aedfa3b3bfddca13f13c

  • SHA512

    76c4002de1c2ddbf5b0c7896fe085a624d41ecd50ab4f203b1e43bad3e08bc3a0c97cd89e8286f1a61d20744f33424925a2b9b0846cf3b2065aea3bf509e3403

  • SSDEEP

    3072:syscL2EF8l6SffasfhSLai0Tp+A/uIHMoysXQ2aDo/Wqn:v2EjyNp/+AMoy3iuqn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0820c474e351cda4bc531ff7e1230d09_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2872

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    0e92ca35fb31d074259591f72455e1ac

    SHA1

    50fb184e84b3963bc67b122936c5fb5aee70f535

    SHA256

    b94e517a4b384149479ad39597b274301b12ca2847d318ccb88e8b7c6b89ab9c

    SHA512

    2804e8339c270888ab24584ae64aa9d336bdec2756b922ae3a94a1a6d2ffdadc03714c6e11cd233050aa77c0e2a542a72e5a0a78898d60bee70f7695ee377132

    Download Submit