Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

16318127be...18.pdf

windows7-x64

1

16318127be...18.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    05/05/2024, 05:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    16318127befdaccf1eb9a2dcfbcd5f89_JaffaCakes118.pdf

  • Size

    31KB

  • MD5

    16318127befdaccf1eb9a2dcfbcd5f89

  • SHA1

    e55e90552f2dda40d5368d8e37a33fc322c36552

  • SHA256

    4c089cb65d8ca75a7d6fc167ae85ac35ec9945a176bc6cac23126219373ac9a0

  • SHA512

    a0d2c874c9b9743d598235e902535fcf325996227c5c952fd69a2228424fc2a59c934c5772aa41bad36fa9fe41251fe32946d624551541458df67975f80caa03

  • SSDEEP

    768:JXuMZmwgCLWarROUSd6kxUgCuPAU8KIBgSg+zvcXP:JXFZmGWSi6kyr6z7ShgP

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\16318127befdaccf1eb9a2dcfbcd5f89_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    c01d68baa8383574a6aafbfd2208824f

    SHA1

    afd4a7766503742f7bebd962d34b35643751fa34

    SHA256

    78caedb52819de809346cdd6aa5c29bdc3e9218325aab888af197d8a1aa37c50

    SHA512

    8ceea3df0c7160e10fe546e3175689973d50ba8d0502a018622bed7d886adc52897bf14b87478b6cfb44c66988cae8dfcaf0c591ff0f7f597da3cb083a226a30

    Download Submit