Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
09/05/2024, 01:17
Behavioral task
behavioral1
Sample
279be2a58e6327592bb148ea2597bea0_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
279be2a58e6327592bb148ea2597bea0_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
279be2a58e6327592bb148ea2597bea0_JaffaCakes118.pdf
-
Size
186KB
-
MD5
279be2a58e6327592bb148ea2597bea0
-
SHA1
c40493b007a1d8a172eb2e9af94c68b60108c1b5
-
SHA256
b11e97f2b0adc8bf54c24edb7cb10607f14369df7ac03218cdb5a4b845ebf654
-
SHA512
27a9172c516034ab91035ab00fc438b08a646c0cea7f5f52f14564cba79216d7edc031fbf1054a0e6c029e5b9f76e3e866d97fe892671777f08bd576675adcdc
-
SSDEEP
3072:a2irbxzGAFYDMxud7fKg3dXVmbOn5ua6KjnxEpCRCVi8msBowtj2jSC:a2MKlWQ7Sg3d4bOX2C4Vz1ow1Q
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2360 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2360 AcroRd32.exe 2360 AcroRd32.exe 2360 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\279be2a58e6327592bb148ea2597bea0_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2360
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD56fc1e2ea8d87f6691ffb8837edf938b4
SHA19996b64aec28eb9c86576737ef620e037c821a58
SHA2561aa137e88ce562d62bdc9cebf1a633407b76a160951aba571018cdb9d9be4b42
SHA5123e5dcd33e2af2e48f31972c5e1944a4454bb6f99d632da64a5b92b89adcc339105e7750260031e21230274e7ed6512928555758a45fd489b508443e398fdf6a0