Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/04/2024, 07:39

General

  • Target

    095afccb9da75bef473ca33747c434fa_JaffaCakes118.pdf

  • Size

    184KB

  • MD5

    095afccb9da75bef473ca33747c434fa

  • SHA1

    82e4fdb3c655aed6e1bffbf56ade3e5dcf87b868

  • SHA256

    1dd04928ec2c3e5e65eebca12f3ed28a1b2b0306de84a867bf95c7e1b812a09f

  • SHA512

    9619f2af61172a056138cd361ab8f2a1c2cc21116eabc878051f7d9b616ec8b2592234eeccee68a7aaab4ba1ac25d9f3ba9d86e77c4d3818c25ba168dfa2e87e

  • SSDEEP

    3072:k2irbxzGAFYDMxud7fKg3dXVmbOn5uI6KjnBSWpmRFIkX7OG3rn54lSf1uSi:k2MKlWQ7Sg3d4bOpB3pYFIDgO

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\095afccb9da75bef473ca33747c434fa_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2192

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    09359532e6275c9203a61023f674c005

    SHA1

    b9b216c59747c56300f5af104495ee93ca5ebe29

    SHA256

    c580757beb52aca54ca7cae360faad3c41119829649e77d1dd002ec6498990ec

    SHA512

    91c5c4611df32764e82ad550642e1190b88735d6ed45516f32443bcdb165ddd0a4c3c278643391d6cd53748c8b06d752d05a2049e1cadf0f8a4a62cc05767fac