Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/05/2024, 23:08

General

  • Target

    5bf453f039255c8ab7379d739f7d1af5_JaffaCakes118.pdf

  • Size

    16KB

  • MD5

    5bf453f039255c8ab7379d739f7d1af5

  • SHA1

    714e2263cbc26ef9a44ec39ac2c288b3c52c597f

  • SHA256

    a2e8b3f6d5251e4a87f1c97ec0e9622d43b7fc306693d652a86ab20aaf1d5ae7

  • SHA512

    be2e89a03724b0026bcc41664a8e2917add0e8b7e6817926298691e73fe218925f62cb3fb9637d8c6f3d545961e82c36ad53517ab1be79b020d854834697b1b9

  • SSDEEP

    384:dlu+eCAsiFexs9cvzFTT3G1NiEESSrrD6Zowv/0M9Zk:+sipSvzFO1aPD6ZowH0WG

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5bf453f039255c8ab7379d739f7d1af5_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1132

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    69014fedffe22495be8114e29ce16369

    SHA1

    369710197dfe4774d4784c645a0c28e024531b1c

    SHA256

    3b85e09e5445a28f55a69a15db764e2f825a8d5bfd58b257b3dc1605b2312929

    SHA512

    176940fc2b684dea62f2c1c6033d6b25998af41c380e6550a9882487f8382ce9e9ec8528f2ce6aa10576525f06b1c2d30dbb043333922aef3d144e5c0bc2271e