Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 03/05/2024, 17:08
Behavioral task: behavioral1
- Sample: 1102a25d8e123aa56074c7877f8d5f39_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 1102a25d8e123aa56074c7877f8d5f39_JaffaCakes118.pdf
- Resource: win10v2004-20240419-en
General
- Target: 1102a25d8e123aa56074c7877f8d5f39_JaffaCakes118.pdf
- Size: 184KB
- MD5: 1102a25d8e123aa56074c7877f8d5f39
- SHA1: 6ea8c8fe158356c01126751aa97e3f757c5bcb82
- SHA256: b1d8b1b23009a4894bdaa8ef6487120ac17ae8daa14f95ec97a7f328e3ef1e8a
- SHA512: d5311ac92b378dcb1498fb8dedf6fcc9275759dd90fbe9a9aed0cfb0616bf6815be9ae8afc0bb8fc7b67daf26b5ea8328bbfd89aedaf22486ae07ce9b4f27431
- SSDEEP: 3072:+72irbxzGAFYDMxud7fKg3dXVmbOn5uY6KjnLs3NKskVlV1FlafY3Qqpo/JSt:U2MKlWQ7Sg3d4bORLGNW7foO
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2168, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2168, process AcroRd32.exe (three entries)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1102a25d8e123aa56074c7877f8d5f39_JaffaCakes118.pdf"
  PID: 2168
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: f008111ede72865d77b0e7b0c7532693
- SHA1: 780e0f84514b7c55c86b4e8336c120f20c8c115f
- SHA256: c22f981010d0e0aa57a224521450a039001d32ddb7ab7ed839bf5945f52971b7
- SHA512: 22ac836558103ff8a3de401a0fab96c9115bc65294b99a47090fbaeadafad6ccfe09c8961ac33d1615784df0cb29af527f66f452565f1d52b596ebfc165182e7