Analysis
max time kernel: 120s
max time network: 120s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 30/04/2024, 07:39
Behavioral task: behavioral1
Sample: 095afccb9da75bef473ca33747c434fa_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 095afccb9da75bef473ca33747c434fa_JaffaCakes118.pdf
Resource: win10v2004-20240419-en
General
Target: 095afccb9da75bef473ca33747c434fa_JaffaCakes118.pdf
Size: 184KB
MD5: 095afccb9da75bef473ca33747c434fa
SHA1: 82e4fdb3c655aed6e1bffbf56ade3e5dcf87b868
SHA256: 1dd04928ec2c3e5e65eebca12f3ed28a1b2b0306de84a867bf95c7e1b812a09f
SHA512: 9619f2af61172a056138cd361ab8f2a1c2cc21116eabc878051f7d9b616ec8b2592234eeccee68a7aaab4ba1ac25d9f3ba9d86e77c4d3818c25ba168dfa2e87e
SSDEEP: 3072:k2irbxzGAFYDMxud7fKg3dXVmbOn5uI6KjnBSWpmRFIkX7OG3rn54lSf1uSi:k2MKlWQ7Sg3d4bOpB3pYFIDgO
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2192  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  2192  AcroRd32.exe
  2192  AcroRd32.exe
  2192  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\095afccb9da75bef473ca33747c434fa_JaffaCakes118.pdf"
  PID: 2192
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize: 3KB
MD5: 09359532e6275c9203a61023f674c005
SHA1: b9b216c59747c56300f5af104495ee93ca5ebe29
SHA256: c580757beb52aca54ca7cae360faad3c41119829649e77d1dd002ec6498990ec
SHA512: 91c5c4611df32764e82ad550642e1190b88735d6ed45516f32443bcdb165ddd0a4c3c278643391d6cd53748c8b06d752d05a2049e1cadf0f8a4a62cc05767fac