Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240215-en
resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
submitted: 15/05/2024, 11:48
Behavioral task: behavioral1
Sample: 460b97045028d5cc4af9d5aa7ac2cecd_JaffaCakes118.pdf
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 460b97045028d5cc4af9d5aa7ac2cecd_JaffaCakes118.pdf
Resource: win10v2004-20240426-en
General
Target: 460b97045028d5cc4af9d5aa7ac2cecd_JaffaCakes118.pdf
Size: 34KB
MD5: 460b97045028d5cc4af9d5aa7ac2cecd
SHA1: 144f58772b0e9604dfc58bdb8cb4bc4f4f2098aa
SHA256: a5e09b46013593b8b00b165261a3e357886daeabdc46d2bb55b06592e78a7fb5
SHA512: 4f6d74e854f78a1172423c6711af82dcd8fda0021bddc4f0e51fb88d1be02c889607928de7949ead582e5c22f87d69004e0c0f152ad51dc1e11c752968de54d6
SSDEEP: 768:+XuMZmwgCLWarpE5Hpxxxaf1tA+/FFbXWGDJyHtJVVsw1:+XFZmGWS6jxxafwIPPDYNJVVL1
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2356, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2356, process AcroRd32.exe
  pid 2356, process AcroRd32.exe
  pid 2356, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\460b97045028d5cc4af9d5aa7ac2cecd_JaffaCakes118.pdf"
  PID: 2356
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 668fc268b7f1a0f1cecd5548ca130d50
SHA1: d9e0280873622854127d4bf07a43b2b0246154f6
SHA256: 2c7a542e0c9b35f37ed676fc6d834a87bbc1fc49477dfe87dd78787d7265eb37
SHA512: a17df15228f4ce0377508a299e0c7cf1026df1d77ab8d514a026887460ca216aae135ffaac2a39fcc7223c61b29156244938bb6966012cc197e13609feadd24e