Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 16/05/2024, 04:42
Behavioral task: behavioral1
Sample: 4974ac5d74b753541727fafb7f2406b1_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 4974ac5d74b753541727fafb7f2406b1_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: 4974ac5d74b753541727fafb7f2406b1_JaffaCakes118.pdf
Size: 60KB
MD5: 4974ac5d74b753541727fafb7f2406b1
SHA1: a1faa71c9ca2952e73c37ee7633c42d371a49fd7
SHA256: b60810964ea1049488ca1e92b8387f0c371fc5a652f3aa5be456a6af0f093b5b
SHA512: 9dc63f397a114a26863c8b6daee8bcaa0e6837f86eb9bbc7e94b4eec187f3f49448ded832b525a5bd6a9f0c412de2ff53352a17784c88fc574082d760445d51d
SSDEEP: 1536:pGFbpYJMBEEyCwfm6c8bUS44VCetdqSzuVxD:8FbpVEEyCgG8ASN9tdRur
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid 2356, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2356, process AcroRd32.exe
  pid 2356, process AcroRd32.exe
  pid 2356, process AcroRd32.exe
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4974ac5d74b753541727fafb7f2406b1_JaffaCakes118.pdf"
PID: 2356
Signatures:
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: d7222c3153c814570696d3747eebcda6
SHA1: ea33acb5296db70cd2373fa8304d2055c0db25f5
SHA256: f6aff1ab00c4da4063d90d683a4742c078a1f71614876db363cb19b9411a5444
SHA512: 99ec9cc46482bec5a66930dbb1048a7123ed7fc0982b3de08e46e344440828fd8aaf12c9d55835d6959cec9c9e00fefd8a5fea3507ccdc97875516a4d45e4525