Analysis
- max time kernel: 122s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240220-en
- resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
- submitted: 03/06/2024, 06:12
Behavioral task: behavioral1
- Sample: 90ca5aebaec85052179a547a85958401_JaffaCakes118.pdf
- Resource: win7-20240220-en
Behavioral task: behavioral2
- Sample: 90ca5aebaec85052179a547a85958401_JaffaCakes118.pdf
- Resource: win10v2004-20240426-en
General
- Target: 90ca5aebaec85052179a547a85958401_JaffaCakes118.pdf
- Size: 43KB
- MD5: 90ca5aebaec85052179a547a85958401
- SHA1: f3e33197bb8105965688865334ea7db6c3069cb9
- SHA256: a6764773a4065a1428ac911a89396919876ddafc77047fea2284bc67b0729dba
- SHA512: fc427e9480f792a2e10614d68fb5b65d77348db3eca642bf199c7fd6695c46a1bf81401784ecaee59d87c5bbddde598715f515398d66fd9c6d61e2fb422a867a
- SSDEEP: 768:kXuMZmwgCLWariE5HpxsChDbqQdplWXTIOuBL/hdT5U/FUtsxMzbWv6UdZ3Q:kXFZmGWSTjsChDbqQdplWjk9TiNUtsxI
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2728, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2728, process AcroRd32.exe (3 entries)
Processes
- "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\90ca5aebaec85052179a547a85958401_JaffaCakes118.pdf" (PID: 2728)
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: fec9919039373380c43c08b2b0abd110
- SHA1: 2326a1022c668e741915a04be90e916391d8a6cc
- SHA256: 6c460de86323d3dcee4690ea28b0e62ec97e72bb8d2ccacaf5b6c5eb7b42e110
- SHA512: 06293670e22dc3ddbe209ab2d2e7ff8ada2530f8acbb052695e023744fe083d5c877328170f38854888177484b6979ec2fe3ffdb41fdce11a32bf1197a197427