Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/05/2024, 01:17

General

  • Target

    279be2a58e6327592bb148ea2597bea0_JaffaCakes118.pdf

  • Size

    186KB

  • MD5

    279be2a58e6327592bb148ea2597bea0

  • SHA1

    c40493b007a1d8a172eb2e9af94c68b60108c1b5

  • SHA256

    b11e97f2b0adc8bf54c24edb7cb10607f14369df7ac03218cdb5a4b845ebf654

  • SHA512

    27a9172c516034ab91035ab00fc438b08a646c0cea7f5f52f14564cba79216d7edc031fbf1054a0e6c029e5b9f76e3e866d97fe892671777f08bd576675adcdc

  • SSDEEP

    3072:a2irbxzGAFYDMxud7fKg3dXVmbOn5ua6KjnxEpCRCVi8msBowtj2jSC:a2MKlWQ7Sg3d4bOX2C4Vz1ow1Q

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\279be2a58e6327592bb148ea2597bea0_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2360

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6fc1e2ea8d87f6691ffb8837edf938b4

    SHA1

    9996b64aec28eb9c86576737ef620e037c821a58

    SHA256

    1aa137e88ce562d62bdc9cebf1a633407b76a160951aba571018cdb9d9be4b42

    SHA512

    3e5dcd33e2af2e48f31972c5e1944a4454bb6f99d632da64a5b92b89adcc339105e7750260031e21230274e7ed6512928555758a45fd489b508443e398fdf6a0