Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system -
submitted
09/05/2024, 10:02
Behavioral task
behavioral1
Sample
29727384bd6579cd87b6a7e8db4d6e14_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
29727384bd6579cd87b6a7e8db4d6e14_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
29727384bd6579cd87b6a7e8db4d6e14_JaffaCakes118.pdf
-
Size
28KB
-
MD5
29727384bd6579cd87b6a7e8db4d6e14
-
SHA1
19323ba306b6ae47cd6d39a62117808c7ae558d9
-
SHA256
b5dce780ccc82437e88aaead80f19c7335ff2db4ed7e6e38235a251c9cd8147a
-
SHA512
d09e705b65617f5e54f25642d98bcda95d5c234cc14ed474437f4f35d359939e1f337ee264d034b4ca413a1be20c04e474efdde857544822f2b117f4655badd0
-
SSDEEP
768:FXuMZmwgCLWar+E5HpxgnAFq5+zk4F2mdHK4DI6WOm:FXFZmGWS/jgnAFq5+HF2QI6WOm
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2208 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2208 AcroRd32.exe 2208 AcroRd32.exe 2208 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\29727384bd6579cd87b6a7e8db4d6e14_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2208
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD51f9455cd4a316da0448e069442d34983
SHA1bfdc67e7cd4a8d87f7aeb4937c3655ba6f45281d
SHA256669d233fe76f5d31ad80903f1781df64e58e4c6510cc3594b470c7143182425e
SHA5128e2e3a8f61b545a52dd95801d5bbfe7d447d1e910ea64cfc7c029f83d5ab28bafacb4b80d11969bb6290d5cf7dfa6402cf70fdcc0a38fd274e4803cf24b945e5