Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/05/2024, 17:08

General

  • Target

    1102a25d8e123aa56074c7877f8d5f39_JaffaCakes118.pdf

  • Size

    184KB

  • MD5

    1102a25d8e123aa56074c7877f8d5f39

  • SHA1

    6ea8c8fe158356c01126751aa97e3f757c5bcb82

  • SHA256

    b1d8b1b23009a4894bdaa8ef6487120ac17ae8daa14f95ec97a7f328e3ef1e8a

  • SHA512

    d5311ac92b378dcb1498fb8dedf6fcc9275759dd90fbe9a9aed0cfb0616bf6815be9ae8afc0bb8fc7b67daf26b5ea8328bbfd89aedaf22486ae07ce9b4f27431

  • SSDEEP

    3072:+72irbxzGAFYDMxud7fKg3dXVmbOn5uY6KjnLs3NKskVlV1FlafY3Qqpo/JSt:U2MKlWQ7Sg3d4bORLGNW7foO

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1102a25d8e123aa56074c7877f8d5f39_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2168

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    f008111ede72865d77b0e7b0c7532693

    SHA1

    780e0f84514b7c55c86b4e8336c120f20c8c115f

    SHA256

    c22f981010d0e0aa57a224521450a039001d32ddb7ab7ed839bf5945f52971b7

    SHA512

    22ac836558103ff8a3de401a0fab96c9115bc65294b99a47090fbaeadafad6ccfe09c8961ac33d1615784df0cb29af527f66f452565f1d52b596ebfc165182e7