Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/05/2024, 14:51

General

  • Target

    0c15b47820913f302a705b32f3b6814b_JaffaCakes118.pdf

  • Size

    32KB

  • MD5

    0c15b47820913f302a705b32f3b6814b

  • SHA1

    f3153179126a735a3a9466be68a636d2504c077b

  • SHA256

    6ff7093dbbcd241be4f153e97c1e1be7a91445dd1040a5687edc4ce9a9e24b0b

  • SHA512

    867a3ca363abba17deca52f062696f1ac3cb159f0a0ee6c9ab6106f34017b4053daeb093dfa61a19d3af834299303b34db3abdd2c2a3ffad282b8f65f320e463

  • SSDEEP

    768:j4klGQbeRxH3dRZM9k4lH1lJ5EtV/OrXTP/ylBl7UQinVKE57XuMZmwgCLWarnN4:j4sGQbeRxH3dRZM9k4lH1lJ5EtV/WXTQ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0c15b47820913f302a705b32f3b6814b_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1540

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    498ba04e6999c5b912b10aec1659bf30

    SHA1

    b8ad40598b8da3692ae5fb3ca5111386b0889fc3

    SHA256

    66bbfbcdab910198accfe51d82cb12a142fb1decf5216d26725d6f0aa93c8883

    SHA512

    d257061deba3b95858050e97d2b05761cf82afd7a2fb67a0dc17d5aed9d482849dffc0b496b7c68e3a9c0f261150a71b347acc548553cecb7344b1001accc745