Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system
  • submitted
    09/05/2024, 10:02

General

  • Target

    29727384bd6579cd87b6a7e8db4d6e14_JaffaCakes118.pdf

  • Size

    28KB

  • MD5

    29727384bd6579cd87b6a7e8db4d6e14

  • SHA1

    19323ba306b6ae47cd6d39a62117808c7ae558d9

  • SHA256

    b5dce780ccc82437e88aaead80f19c7335ff2db4ed7e6e38235a251c9cd8147a

  • SHA512

    d09e705b65617f5e54f25642d98bcda95d5c234cc14ed474437f4f35d359939e1f337ee264d034b4ca413a1be20c04e474efdde857544822f2b117f4655badd0

  • SSDEEP

    768:FXuMZmwgCLWar+E5HpxgnAFq5+zk4F2mdHK4DI6WOm:FXFZmGWS/jgnAFq5+HF2QI6WOm

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\29727384bd6579cd87b6a7e8db4d6e14_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2208

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1f9455cd4a316da0448e069442d34983

    SHA1

    bfdc67e7cd4a8d87f7aeb4937c3655ba6f45281d

    SHA256

    669d233fe76f5d31ad80903f1781df64e58e4c6510cc3594b470c7143182425e

    SHA512

    8e2e3a8f61b545a52dd95801d5bbfe7d447d1e910ea64cfc7c029f83d5ab28bafacb4b80d11969bb6290d5cf7dfa6402cf70fdcc0a38fd274e4803cf24b945e5