Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    10/05/2024, 19:49

General

  • Target

    30c06b149c996ba76f6c105cfebdd9cb_JaffaCakes118.pdf

  • Size

    48KB

  • MD5

    30c06b149c996ba76f6c105cfebdd9cb

  • SHA1

    edc687b5b2f6a4428f9ec8079fe5d8678dd6daba

  • SHA256

    703301c1ffbf8478ce06cf4aef7811eedbb14a105dd410e733d1b2cd1e76a448

  • SHA512

    0bc8ff42fc5c269b03e5ea1910854e911a6870e7b501e2ae6cddfbe5dd80d88e8dd7a944444b4745282b36f383febc298b935d2eee3d2a9d8ca6d746710b16c0

  • SSDEEP

    1536:fXFZmGWSUE7ibeSjRX6SDVRVs7+HBGTeIQIonh7Zk7xH2x:PysPmbe+B8easgE

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\30c06b149c996ba76f6c105cfebdd9cb_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1640

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    bae6ab6325fc3fbddcc79b4e9da38a7f

    SHA1

    d5b7650173d63d13f9643133a82b7f2ab0b11d1a

    SHA256

    4d13746404869a0cfc773c5e274320603ff1f17e5da0e0ed6a899b9c96ba859c

    SHA512

    8a4949a320063956fbc586c25e29d257461fdcbeb6344c27b47ee408e10eb85ff74c77a0acef0de0bfa58c73cfae7451f5f7c86c45020aee79aa5be354cf8fcf