Analysis
-
max time kernel
119s
-
max time network
124s
-
platform
windows7_x64
-
resource
win7-20240221-en
-
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
-
submitted
12/05/2024, 08:29
Behavioral task
behavioral1
Sample
392f073fa3efa9e62c748a33bde803e3_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
392f073fa3efa9e62c748a33bde803e3_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
392f073fa3efa9e62c748a33bde803e3_JaffaCakes118.pdf
-
Size
36KB
-
MD5
392f073fa3efa9e62c748a33bde803e3
-
SHA1
25ee4fbd3b1772044a6cf31b960d046e73234f2e
-
SHA256
479b059f73d9abd54b57c2c79eee4a9c22223351c673e04acc196cee7411a244
-
SHA512
3618ef1bece98365202c78f5f0391c414ee948e181aa4e6e88f7b84da13112188f96efe21082b84fad3a6198cebba0f0e77b53193b49ecf4b63dfeaa744d9bc5
-
SSDEEP
768:MgGzpDwfpZsNnlyGABc+T4L8CMZqoM/ujbVpZ5g4A8Bh3i55c/uq:JGFMfpZtWuHLTU8zh/uq
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
1152 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
1152 AcroRd32.exe
1152 AcroRd32.exe
1152 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\392f073fa3efa9e62c748a33bde803e3_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1152
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 a729efae4780a69c9bc1b4169c2c171a
SHA1 5822be55837e67232ef303c3155160e8482002cc
SHA256 e29f9a4d66abea436affa4066853cfbd327bc75e97d468075e828eb59ff0e815
SHA512 8f10f01ceb6f1d0b1396f5162e04873be770480baf4c774f038a56884263a43e399cd524be1fda13c89136b8dd008dccb62188530cc0544150864f83a71b119a