Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    15/05/2024, 11:48

General

  • Target

    460b97045028d5cc4af9d5aa7ac2cecd_JaffaCakes118.pdf

  • Size

    34KB

  • MD5

    460b97045028d5cc4af9d5aa7ac2cecd

  • SHA1

    144f58772b0e9604dfc58bdb8cb4bc4f4f2098aa

  • SHA256

    a5e09b46013593b8b00b165261a3e357886daeabdc46d2bb55b06592e78a7fb5

  • SHA512

    4f6d74e854f78a1172423c6711af82dcd8fda0021bddc4f0e51fb88d1be02c889607928de7949ead582e5c22f87d69004e0c0f152ad51dc1e11c752968de54d6

  • SSDEEP

    768:+XuMZmwgCLWarpE5Hpxxxaf1tA+/FFbXWGDJyHtJVVsw1:+XFZmGWS6jxxafwIPPDYNJVVL1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\460b97045028d5cc4af9d5aa7ac2cecd_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2356

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    668fc268b7f1a0f1cecd5548ca130d50

    SHA1

    d9e0280873622854127d4bf07a43b2b0246154f6

    SHA256

    2c7a542e0c9b35f37ed676fc6d834a87bbc1fc49477dfe87dd78787d7265eb37

    SHA512

    a17df15228f4ce0377508a299e0c7cf1026df1d77ab8d514a026887460ca216aae135ffaac2a39fcc7223c61b29156244938bb6966012cc197e13609feadd24e