Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    21/05/2024, 10:29

General

  • Target

    62f8902b4c2494a2af9b1aff2c9133be_JaffaCakes118.pdf

  • Size

    47KB

  • MD5

    62f8902b4c2494a2af9b1aff2c9133be

  • SHA1

    4cbc07fcf586a73f5f3c07e78fbd28edb6fb94b8

  • SHA256

    708d1ab0606a312e41575187605b3b7d9d3a6f9950ac6fd8882938b263b08553

  • SHA512

    b1cfcffd4ec07c62526bad02eaec6109c11db4bdb2008ef8b5c468d5fe2d11e7f2af40054b30d703d5fd544aa8ee5fb721d160dae4f4203a682b479925d49bfb

  • SSDEEP

    768:jUgGzpD8PJiYshNsYgo5KXqxkZCL0Io7ruDnZNF/V9xSE6GPJpvSUF:VGF4+WPuz3F9/8WfvSUF

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\62f8902b4c2494a2af9b1aff2c9133be_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2648

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    0189ed24533ed8f43e7e560c321b15a5

    SHA1

    6b92035b8cd18b01c291409fd2cd4dd07119f225

    SHA256

    c6ab1d9612db9b1860388c8cf5696d00e5d49c0a1c72c5a1a8c8091df7b82f44

    SHA512

    7a71d6ec5dd1a6156bdf5b745df33fbe7a8a8ad9399f064120ef48c89728d5c7eecc64dc9fe53a34c129405de16eb79990196ef1907ae82e098544456894615d