Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 23:43

General

  • Target

    8551aa61bf416e039215924fd66dfb1b_JaffaCakes118.pdf

  • Size

    50KB

  • MD5

    8551aa61bf416e039215924fd66dfb1b

  • SHA1

    44cfa7a761c699d7e509f276032e9e196fce5f6c

  • SHA256

    858a09ebc8849409490ccd30c3f73bbe766c27707330e61e48fe90a5bffec8be

  • SHA512

    20b425d6626bb57c033eaac4d2738d45853a5baa4bfb2d51245b49d2bb164e7317a60a28a52d2303a8ef3b22fba9efe5099d98a199d01fa6db9c1dd473f685f6

  • SSDEEP

    768:UgGzpD2pCUZx3Qqrfm3+KjPTrC9Z6rzxjI1bSUEsrP9AKFVzAq28Iy8Zy720b:hGF6pFmuCbccr1PCVzh2Vy8Zy720b

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8551aa61bf416e039215924fd66dfb1b_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2952

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    33c05347f6013462bdf99ec77f04a3b0

    SHA1

    a3b06f2be7275069291f5d522dd0015c6c3ee188

    SHA256

    ac7a61770b65984147cb8fdf5fde3e447040ec025028db3e39a49055e96a04da

    SHA512

    9e442c7cbe9ef733c4fd46da5f2f6b742ac87d06bfc7bbc6eb6ea71d1d4a0fb8128961b8347ee5f62b2ed30568d8a982ad46ca084d8624cbca86981770df7e39