Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    22/05/2024, 05:49

General

  • Target

    6637635d3184b47585d71a6985e30005_JaffaCakes118.pdf

  • Size

    41KB

  • MD5

    6637635d3184b47585d71a6985e30005

  • SHA1

    5c931afe4723be31370857f0ce8a96f647c2ae4a

  • SHA256

    6b027fd39ca7281d22c3fc9a53946cf3bf93ae27395bcbab4a5e16d08c8d1699

  • SHA512

    78859ac0e3559c8dd8875ea2731ccf3fcec83e82d2da21a8c56785ecef04057a63d3b723fa616c7993ec98b53a8d8bdb387ffda5e31e4abbe06c3871cf9a724d

  • SSDEEP

    768:NgGzpDSnN6FUp/atT+6jY0Ss1xNRhjCWCh22iPO63bwNhCWDCe1TFq839I6KZzZv:uGFOjS1fCWCrUEOwTFq8NI6KZzZv

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6637635d3184b47585d71a6985e30005_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    a45b2671c4ad9b16bd209c0f3158f00e

    SHA1

    3307c9eb0c876a4afea160d15816f6053c649bb3

    SHA256

    6e9f966391413b26a3d9b66bd26b2166636c02d1c25918ee35f44a3ec8ab72d6

    SHA512

    ca33e8e4461cd3b5cf2202103be3fe38cef2c60a724e165d4644c8897be2348c25ff3adab3b2c091762ead35d260cc11e8f05913eadd8519855017daf842e6e8