Analysis
- max time kernel: 120s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240220-en
- resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
- submitted: 05/05/2024, 01:24
Behavioral task
behavioral1
Sample
155bd05750a1b089e41c1d9bbf35152c_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
155bd05750a1b089e41c1d9bbf35152c_JaffaCakes118.pdf
Resource
win10v2004-20240419-en
General
- Target: 155bd05750a1b089e41c1d9bbf35152c_JaffaCakes118.pdf
- Size: 352KB
- MD5: 155bd05750a1b089e41c1d9bbf35152c
- SHA1: 6af48c48e4d86c7a3ff12c1d332d39b103ba7809
- SHA256: 2b720f73fbd3d0d3da6c8134a0e234bff4ef10fc7ca38d5e3869ed7e1f411f5e
- SHA512: ecb8cd0955f6593043abbdf5a24cf4bc9fea461bf450a02af64b48ae5161ae78ba11d563965815924a512bb27df562864daff52c9642259e97d548629adb41c0
- SSDEEP: 6144:TP8l0V0vp4TBIoYnmAxqYHfx+RNFCNXhGtLzMTsSKoZfc19asbvQ:TXVZNE3xqYHbEtLWsSK401QsbvQ
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2204  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  pid   Process
  2204  AcroRd32.exe
  2204  AcroRd32.exe
  2204  AcroRd32.exe
  2204  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\155bd05750a1b089e41c1d9bbf35152c_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2204
Downloads
- Filesize: 3KB
- MD5: 8ad3fa80b827bdb378a672397af9c8eb
- SHA1: a90b501bfae4e5f52a8ea09cfc9273008fed966e
- SHA256: 66cedd6fc40a1dfebd4230ec3622082f496e521a928f7cbfa215f0f6c6d8ea54
- SHA512: 142d342c55fa4bb5b632638a5c2917e1a660ea51a48f34222421dc7f6c0b0beb89c4e66095af8fb7a3350f7beb75a15539d5c88f612de9032cb4c849d2ac2bd3