Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/05/2024, 08:29

General

  • Target

    392f073fa3efa9e62c748a33bde803e3_JaffaCakes118.pdf

  • Size

    36KB

  • MD5

    392f073fa3efa9e62c748a33bde803e3

  • SHA1

    25ee4fbd3b1772044a6cf31b960d046e73234f2e

  • SHA256

    479b059f73d9abd54b57c2c79eee4a9c22223351c673e04acc196cee7411a244

  • SHA512

    3618ef1bece98365202c78f5f0391c414ee948e181aa4e6e88f7b84da13112188f96efe21082b84fad3a6198cebba0f0e77b53193b49ecf4b63dfeaa744d9bc5

  • SSDEEP

    768:MgGzpDwfpZsNnlyGABc+T4L8CMZqoM/ujbVpZ5g4A8Bh3i55c/uq:JGFMfpZtWuHLTU8zh/uq

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\392f073fa3efa9e62c748a33bde803e3_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1152

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    a729efae4780a69c9bc1b4169c2c171a

    SHA1

    5822be55837e67232ef303c3155160e8482002cc

    SHA256

    e29f9a4d66abea436affa4066853cfbd327bc75e97d468075e828eb59ff0e815

    SHA512

    8f10f01ceb6f1d0b1396f5162e04873be770480baf4c774f038a56884263a43e399cd524be1fda13c89136b8dd008dccb62188530cc0544150864f83a71b119a