Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    20/05/2024, 11:38

General

  • Target

    5eddaf52517b96c523ad6463423971c9_JaffaCakes118.pdf

  • Size

    38KB

  • MD5

    5eddaf52517b96c523ad6463423971c9

  • SHA1

    a09dd1b8395138bc781a628d9f896d9820afb1de

  • SHA256

    eeda56c3d64629f07095372a40e18b0cdf76284ee45d32fe26840e0b84adccea

  • SHA512

    a2caab154c5d483727e882319c0db87889b96982749e0eaf4127c47cb91364e01aa9c139501a1898b9d654f2f03aa68d88fa840f55039f142fa85f7d9203b06e

  • SSDEEP

    768:DgGzpDSpfBXmskeikqSHTpImcKmux+yf5bGBojViCU/gpqsM1r1Gz4JIt:8GFupfhrV+y0ojViCtpBFMIt

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5eddaf52517b96c523ad6463423971c9_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1616

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    5a44f36325ff7e13a0a60b2b0ebf0fbc

    SHA1

    ee28058f794a62893029e08fe1bd4ac2fc7499dc

    SHA256

    a9cb9f12fd31659530dfc9ca345bd3e7f14b6d7686ec10e5fd040bc94824db1b

    SHA512

    5a663f1ca98b04c264111b31a5b5a89925d0c68394081269e5eadb719c08ba11f15e65da6f9fa7f79cb30da140af3af5d08650e6844f35b17d9e5bd7943929b2