Analysis
max time kernel: 118s
max time network: 118s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
submitted: 26/05/2024, 04:35
Behavioral task: behavioral1
Sample: 745771ac25a11adbb98527c39e9aeeb6_JaffaCakes118.pdf
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 745771ac25a11adbb98527c39e9aeeb6_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: 745771ac25a11adbb98527c39e9aeeb6_JaffaCakes118.pdf
Size: 49KB
MD5: 745771ac25a11adbb98527c39e9aeeb6
SHA1: aaea37a63e156678fbb9caf6ea6477e726a81342
SHA256: c626f668b8c43391d9c553f04b25791183f7f808b09fb3be2984cfdb21b6fed5
SHA512: 5752d6d39ebb81ed94093fb42afde8ef3572b2511af19a86c6c4da5656e8fe25cf5bcb1f501bb6b12e435a999772d215e87fb2737c3449a8aaa81b4b19770b09
SSDEEP: 768:PgGzpD7hgiXpbeMGfEo0UGCfXw9TQ+OcRS5ce34kjJiLbVoPF34n5CfFme1axz/J:4GF/14/Xw9TNS+eRiLbSOnMFmJxfvCRs
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
1700  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
1700  AcroRd32.exe
1700  AcroRd32.exe
1700  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\745771ac25a11adbb98527c39e9aeeb6_JaffaCakes118.pdf"
PID: 1700
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: f1acf509fabff2d78656113e8548e748
SHA1: 96db2db52a902bd85661fc08f94ef42830baa4af
SHA256: a86728747a720fb1fe3cd0bfdb98cba9358a063f1d5d172de4ffbee835eafeac
SHA512: 44051db7be29cc12c7ea88d8426769f7020cf7af62f111190b2742848f0aee60b922535b0ae02d9d866ef4a7954877b60a7dbe70cdff00590063518bc989e94f