Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
- submitted: 26/05/2024, 22:56
Behavioral task
behavioral1
Sample
7714636272cad5d49a440649a2225457_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7714636272cad5d49a440649a2225457_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
7714636272cad5d49a440649a2225457_JaffaCakes118.pdf
-
Size
55KB
-
MD5
7714636272cad5d49a440649a2225457
-
SHA1
2a0c37cf62e15b022796745cdd0b982980ef416c
-
SHA256
5b94067cadfc43ace97a944f3cbcf50ae91dfdfaf50f532c4644783f24f97dd6
-
SHA512
59da67cfbb0b7a7fd458e3aefd4b5000ee750bf7552154dc5fd95ce09dc595531be49de43a6e2ef1921ac0fc949b35b2a7bb457f9ac33b395344ebd33a2c4384
-
SSDEEP
1536:yGFmOw9HrhuyUcIE6awHUg1jU/AHWk/BuD:rFmO6lLUfawHV1IAR/Q
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  pid   Process
  2980  AcroRd32.exe
- Suspicious use of SetWindowsHookEx 3 IoCs
  pid   Process
  2980  AcroRd32.exe
  2980  AcroRd32.exe
  2980  AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\7714636272cad5d49a440649a2225457_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2980
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
5d42f4166b9b6ba8cbb333a36293e348
SHA1
40e8b2e0a85d67925e390754b14377742bef901e
SHA256
3dd801e1752f3c5a8068cc3a5734c12333ea8f43de8fa118e5255ef40f50d712
SHA512
1c2aa307091c02a5b4bfdd765546392fb7fab205c65b091de2121380444c0082ac925f276403092d66e6cf32570ca998738de59b9ea94eb6c8096d520bdc505a