Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    03/05/2024, 01:53

General

  • Target

    0f674155b9676868e5ba6ce64de8907c_JaffaCakes118.pdf

  • Size

    35KB

  • MD5

    0f674155b9676868e5ba6ce64de8907c

  • SHA1

    15f55643c99b3cad913ea8075f551ee8b7503518

  • SHA256

    7ba4979dd5f62810d088d4ea194d2f9d961d5c5603f6b81a58ab9dc482a51546

  • SHA512

    fa31494598cda3c9eed1db1f7569b3ea0dc1f834fe82767fa8f1d04d49486abb5d35c8dfb9fa1428d257490b0600aba3dd63483369239e9cbcc26d6f2f8d773e

  • SSDEEP

    768:YXuMZmwgCLWarxE5HpxwaCSTa/DL9K6dexIPxMiCL9iX4:YXFZmGWSSjnCSTa/DL9KkyIP+9iX4

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0f674155b9676868e5ba6ce64de8907c_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    ff73aaa5c0813e69358bb54d87f23cef

    SHA1

    800a2668f239a68f9fe90d54392a7590779f6d95

    SHA256

    df7f7ac16d9341ca6897afc5edb9b2d3ebe24f05dc58769ca1634fa2d19ecd43

    SHA512

    080228ca5357cd64a4dbdab052fe0e89a03c28a822d9c13bd445c716119c3d4209e8fb9f9a2c2803b57ac9a0815acb38780f1d5f60ff3d5417cdf94216aa5a57