Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/05/2024, 04:35

General

  • Target

    745771ac25a11adbb98527c39e9aeeb6_JaffaCakes118.pdf

  • Size

    49KB

  • MD5

    745771ac25a11adbb98527c39e9aeeb6

  • SHA1

    aaea37a63e156678fbb9caf6ea6477e726a81342

  • SHA256

    c626f668b8c43391d9c553f04b25791183f7f808b09fb3be2984cfdb21b6fed5

  • SHA512

    5752d6d39ebb81ed94093fb42afde8ef3572b2511af19a86c6c4da5656e8fe25cf5bcb1f501bb6b12e435a999772d215e87fb2737c3449a8aaa81b4b19770b09

  • SSDEEP

    768:PgGzpD7hgiXpbeMGfEo0UGCfXw9TQ+OcRS5ce34kjJiLbVoPF34n5CfFme1axz/J:4GF/14/Xw9TNS+eRiLbSOnMFmJxfvCRs

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\745771ac25a11adbb98527c39e9aeeb6_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1700

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    f1acf509fabff2d78656113e8548e748

    SHA1

    96db2db52a902bd85661fc08f94ef42830baa4af

    SHA256

    a86728747a720fb1fe3cd0bfdb98cba9358a063f1d5d172de4ffbee835eafeac

    SHA512

    44051db7be29cc12c7ea88d8426769f7020cf7af62f111190b2742848f0aee60b922535b0ae02d9d866ef4a7954877b60a7dbe70cdff00590063518bc989e94f