Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/05/2024, 21:07

General

  • Target

    68a3bf98f84f070600619df21e2ca69e_JaffaCakes118.pdf

  • Size

    38KB

  • MD5

    68a3bf98f84f070600619df21e2ca69e

  • SHA1

    795f503e05270d3a46bc0640b72ce48588bfe48c

  • SHA256

    c07f61978da629384bce31d04842f55f1b08109a11ef4f92185827a2e110ded6

  • SHA512

    6fa488dd744540168c3e045352139ed874c2cddf533e909439317b763cc25f229025a51ac34d8eb73a5aab9f094217d1dc3f93cfe132659c1de58b4cdca6d14c

  • SSDEEP

    768:Qv2t1yCJ/fG4BaWfz1vy4TAzyXl7lAIrhE9TBRLXUPnHkqyy3l1U9bKvqaqSWE5D:i2t4m/fBFI4TAzSl7lAIrhE9TBRLXUPd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\68a3bf98f84f070600619df21e2ca69e_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1484

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    20cbfe9a9c552b500398bbabe5c01de0

    SHA1

    8fe94b79285ef8a6df1744fe8ff3c593e22f11dc

    SHA256

    a7f5ec73e09eed60e7074cba8145e57424df7ce3903d7ceaf5aef520da221f9e

    SHA512

    f6d2d2c1de1defc774fab8a7100b3c7e6811cebca05ccf197694f602e744de4f414b1b796a8de785af366eaa2cc632ef1b2131fada193f2141abc6120731cda8