Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
submitted: 22/05/2024, 21:07
Behavioral task: behavioral1
Sample: 68a3bf98f84f070600619df21e2ca69e_JaffaCakes118.pdf
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 68a3bf98f84f070600619df21e2ca69e_JaffaCakes118.pdf
Resource: win10v2004-20240426-en
General
Target: 68a3bf98f84f070600619df21e2ca69e_JaffaCakes118.pdf
Size: 38KB
MD5: 68a3bf98f84f070600619df21e2ca69e
SHA1: 795f503e05270d3a46bc0640b72ce48588bfe48c
SHA256: c07f61978da629384bce31d04842f55f1b08109a11ef4f92185827a2e110ded6
SHA512: 6fa488dd744540168c3e045352139ed874c2cddf533e909439317b763cc25f229025a51ac34d8eb73a5aab9f094217d1dc3f93cfe132659c1de58b4cdca6d14c
SSDEEP: 768:Qv2t1yCJ/fG4BaWfz1vy4TAzyXl7lAIrhE9TBRLXUPnHkqyy3l1U9bKvqaqSWE5D:i2t4m/fBFI4TAzSl7lAIrhE9TBRLXUPd
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 1484, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 1484, process AcroRd32.exe
  pid 1484, process AcroRd32.exe
  pid 1484, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\68a3bf98f84f070600619df21e2ca69e_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1484
Downloads
Filesize: 3KB
MD5: 20cbfe9a9c552b500398bbabe5c01de0
SHA1: 8fe94b79285ef8a6df1744fe8ff3c593e22f11dc
SHA256: a7f5ec73e09eed60e7074cba8145e57424df7ce3903d7ceaf5aef520da221f9e
SHA512: f6d2d2c1de1defc774fab8a7100b3c7e6811cebca05ccf197694f602e744de4f414b1b796a8de785af366eaa2cc632ef1b2131fada193f2141abc6120731cda8