Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/05/2024, 01:24

General

  • Target

    155bd05750a1b089e41c1d9bbf35152c_JaffaCakes118.pdf

  • Size

    352KB

  • MD5

    155bd05750a1b089e41c1d9bbf35152c

  • SHA1

    6af48c48e4d86c7a3ff12c1d332d39b103ba7809

  • SHA256

    2b720f73fbd3d0d3da6c8134a0e234bff4ef10fc7ca38d5e3869ed7e1f411f5e

  • SHA512

    ecb8cd0955f6593043abbdf5a24cf4bc9fea461bf450a02af64b48ae5161ae78ba11d563965815924a512bb27df562864daff52c9642259e97d548629adb41c0

  • SSDEEP

    6144:TP8l0V0vp4TBIoYnmAxqYHfx+RNFCNXhGtLzMTsSKoZfc19asbvQ:TXVZNE3xqYHbEtLWsSK401QsbvQ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\155bd05750a1b089e41c1d9bbf35152c_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2204

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    8ad3fa80b827bdb378a672397af9c8eb

    SHA1

    a90b501bfae4e5f52a8ea09cfc9273008fed966e

    SHA256

    66cedd6fc40a1dfebd4230ec3622082f496e521a928f7cbfa215f0f6c6d8ea54

    SHA512

    142d342c55fa4bb5b632638a5c2917e1a660ea51a48f34222421dc7f6c0b0beb89c4e66095af8fb7a3350f7beb75a15539d5c88f612de9032cb4c849d2ac2bd3