Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 22:45

General

  • Target

    852ab6d58d5b2792bfcba7fda7b63604_JaffaCakes118.pdf

  • Size

    49KB

  • MD5

    852ab6d58d5b2792bfcba7fda7b63604

  • SHA1

    06ed5f9a7c0d927db475505db83c80bf0db63c28

  • SHA256

    90421acca991a44645656146bb4e54cd8b45a01fb8bfaedd6b541600d0c7f731

  • SHA512

    e84d9a9486683a6dcec68115fd9a6cc264ae06732d051fa9cf5691351c2a63e902c62e20d0a27d3c1420b11c10ab11ae5514f027c5bbcd8ea8a1c1b013c1bd39

  • SSDEEP

    1536:LGFHYlR+/mgk4+WBW2PEuhCBMfWimc4oEr:qFHdmj4PBvEuhcM5Z4f

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\852ab6d58d5b2792bfcba7fda7b63604_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2492

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c4dc8165239b5ed5fa4f486a60ce20ab

    SHA1

    e8de206aac3c529c3429fc90ece00601e4989991

    SHA256

    724e4e4afc4251b3cc0260f2497922c1d5b2035cee2f0d41055f79a8f6bf4d0a

    SHA512

    13aad138b6b03b3954e5b0fecf6bc406fbadb25225a29fd19c29b73488bbcf4f886df5b9d2f833f40a49fa6483455a00a375170c42ed9c66e016d74c24e73505