Analysis
- max time kernel: 118s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240220-en
- resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
- submitted: 09/05/2024, 03:24
Behavioral task: behavioral1
- Sample: 28131b71ec9eb64cd17d810fd5d10241_JaffaCakes118.pdf
- Resource: win7-20240220-en
Behavioral task: behavioral2
- Sample: 28131b71ec9eb64cd17d810fd5d10241_JaffaCakes118.pdf
- Resource: win10v2004-20240508-en
General
- Target: 28131b71ec9eb64cd17d810fd5d10241_JaffaCakes118.pdf
- Size: 47KB
- MD5: 28131b71ec9eb64cd17d810fd5d10241
- SHA1: 0258ae950336e06c411eb6f7f364e4a14b24978a
- SHA256: a989929ab5966b2a8bb9be8c4b064371d9b0b2c17d61e0b462e753061ee1d71d
- SHA512: e2e49b00d2cdbc439b7318b4e90643271629e9f082cf3a0282f158a19fc15b3a4d0c01a594ca7e10347b176d1aa9b1b0ba08ee1a582f65c51bf15b000a6386c6
- SSDEEP: 768:UwgGzpDyBVksi82wO74avdb2pAcrA5JNnIxqIV6kYV8oBopfyRqeq9N09VsZW7F:UdGFmO72pk5JSxiwfyEQAZW7F
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 1992, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 1992, Process AcroRd32.exe
  pid 1992, Process AcroRd32.exe
  pid 1992, Process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\28131b71ec9eb64cd17d810fd5d10241_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1992
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: b0bdc44ee0a3b8bf28c9e7678fc0c3a9
- SHA1: dde3b94b95e4e35be8a6d13caffc9fed1c6e06e5
- SHA256: 8248cf594c609ed2b6f383901204ed54e5e40de73200183744be765b75e8815b
- SHA512: b00ed490414efd7d2427fcc87c685718310e40eecf5d785a0350e55b00b61c38426b85b9539dd234a2d4a8ea5ad9ad36bb76a5908bfc37ba764e34e2b47c1e00