Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    15/05/2024, 00:01

General

  • Target

    43ae65d87fd8e76de3330eff232caea8_JaffaCakes118.pdf

  • Size

    40KB

  • MD5

    43ae65d87fd8e76de3330eff232caea8

  • SHA1

    9571e849c611689e9b88e04ca035b98542dbf926

  • SHA256

    a3365a58d2d2d335df08086a0de9ae8e68ffcda4170879b63d3527d373b93c2e

  • SHA512

    ee4f7839fd9ead913098560189b9f014cf2bf94bb270e7bbbd391a0d12d1f4668a78e5b91f67e73af445f942c1a7b77f5cb4d7c0e9fe9a35e1c7064a5409df54

  • SSDEEP

    768:pJiQGzPXour39XbF+89scZsD/fojZOkdPR6CmosqrVnaIu+Wd8H+NPbbwrJYqk:7JGzPXR3wo5PR6CmQpnBnWdFbwrJYqk

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\43ae65d87fd8e76de3330eff232caea8_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3048

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    456d5e0fd022cadc4f5aed44782a0630

    SHA1

    4a4fd8867a4dee1580ec89f306358e0a7f7f19d8

    SHA256

    115cc8b74aaa1a3bb85a026f4129aa572a4f621e44c130586d283e85f1d911aa

    SHA512

    5bc563858f0b96d82b0f9aba90046b323d0f55ed3869e8449381afa48c6902a00384d38f027a05eb17e3d4d2f44f1e527662e0730068220b70692f6646803b26