Analysis
- max time kernel: 121s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240215-en
- resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
- submitted: 22/05/2024, 05:49
Behavioral task: behavioral1
- Sample: 6637635d3184b47585d71a6985e30005_JaffaCakes118.pdf
- Resource: win7-20240215-en
Behavioral task: behavioral2
- Sample: 6637635d3184b47585d71a6985e30005_JaffaCakes118.pdf
- Resource: win10v2004-20240508-en
General
- Target: 6637635d3184b47585d71a6985e30005_JaffaCakes118.pdf
- Size: 41KB
- MD5: 6637635d3184b47585d71a6985e30005
- SHA1: 5c931afe4723be31370857f0ce8a96f647c2ae4a
- SHA256: 6b027fd39ca7281d22c3fc9a53946cf3bf93ae27395bcbab4a5e16d08c8d1699
- SHA512: 78859ac0e3559c8dd8875ea2731ccf3fcec83e82d2da21a8c56785ecef04057a63d3b723fa616c7993ec98b53a8d8bdb387ffda5e31e4abbe06c3871cf9a724d
- SSDEEP: 768:NgGzpDSnN6FUp/atT+6jY0Ss1xNRhjCWCh22iPO63bwNhCWDCe1TFq839I6KZzZv:uGFOjS1fCWCrUEOwTFq8NI6KZzZv
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2484, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2484, Process AcroRd32.exe
  pid 2484, Process AcroRd32.exe
  pid 2484, Process AcroRd32.exe
Processes
- "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6637635d3184b47585d71a6985e30005_JaffaCakes118.pdf" (PID: 2484)
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Downloads
- Filesize: 3KB
- MD5: a45b2671c4ad9b16bd209c0f3158f00e
- SHA1: 3307c9eb0c876a4afea160d15816f6053c649bb3
- SHA256: 6e9f966391413b26a3d9b66bd26b2166636c02d1c25918ee35f44a3ec8ab72d6
- SHA512: ca33e8e4461cd3b5cf2202103be3fe38cef2c60a724e165d4644c8897be2348c25ff3adab3b2c091762ead35d260cc11e8f05913eadd8519855017daf842e6e8