Analysis
max time kernel: 120s
max time network: 125s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 11/05/2024, 09:53
Behavioral task
behavioral1
Sample
33fd9b62f3e53d045d03414a5bf36f54_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
33fd9b62f3e53d045d03414a5bf36f54_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
Target: 33fd9b62f3e53d045d03414a5bf36f54_JaffaCakes118.pdf
Size: 42KB
MD5: 33fd9b62f3e53d045d03414a5bf36f54
SHA1: 2eebb1638ab986ce6dca2e49e40f8067bde70efb
SHA256: 9cbc429f0a2f067bac9fd5065db76a21bf834a6d8e606febc64b110de365cc4b
SHA512: 21a42ebfd78a8c3a44ba013aedbd0f48a43f27d70df2152d136ae8d63fdd4dc96444d7451f2de26a6067251e38577fb729a7efcc64f83919c49dd9fa6b605dda
SSDEEP: 768:LgGzpD4dLiFQUKyQOQOaeAzDFV9OF5RdxiGGGG3+rjU/lOuOCcWmByG2aclH:0GFUsOthOLRiGGGGu/Yl/xcBByG2aclH
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2236, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2236, Process AcroRd32.exe
  pid 2236, Process AcroRd32.exe
  pid 2236, Process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\33fd9b62f3e53d045d03414a5bf36f54_JaffaCakes118.pdf"
PID: 2236
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 3c77f7a424cd9d4391a88f072e5e0a70
SHA1: bd301fcc582b935681b8e329f41a3c329b080139
SHA256: 99b5d764e7b635d25b13bae2bab190af8373b5f3b192da8894d24e4f80a1192c
SHA512: 9a533c2160acc30f848ebdb13138c396d319ae3bff3e45f0be3b56b9e7d7f6c9df4a8a5cb49fe536b23aaaeddc0fd3f48c4c472a5b2703f0d843f8f99b6368f3