Analysis
- max time kernel: 121s
- max time network: 121s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 10/06/2024, 11:27
Behavioral task: behavioral1
- Sample: 9a80f8983679076732b0fd48f9bd3f8d_JaffaCakes118.pdf
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: 9a80f8983679076732b0fd48f9bd3f8d_JaffaCakes118.pdf
- Resource: win10v2004-20240508-en
General
- Target: 9a80f8983679076732b0fd48f9bd3f8d_JaffaCakes118.pdf
- Size: 42KB
- MD5: 9a80f8983679076732b0fd48f9bd3f8d
- SHA1: 5d8d1d8a5d9988e59c5b7a0cb532661378d5bc6e
- SHA256: 0c31138f3fbb246334fec20b64093b5ed17e14d366a6359f7c249239807eeafa
- SHA512: 37ed6ec1b8af2d6d2a6b5ab553228f27acaa1bbc6d5b21ad55a588658a34b8733093872eb9de5a342546c06a6fe3f63fc843dcf8e93399d4ec2a8f533f9bc823
- SSDEEP: 768:/gGzpDyBVksi89Y35vjUFcLmY3NtqGa7q13F/hjjtCS4487FKWr2ke4dBIfR6:IGFmy9/0z7FKQ2kqfR6
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 1904, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 1904, Process AcroRd32.exe
  pid 1904, Process AcroRd32.exe
  pid 1904, Process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9a80f8983679076732b0fd48f9bd3f8d_JaffaCakes118.pdf"
  PID: 1904
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Downloads
- Filesize: 3KB
- MD5: 5d2690cec5f45ecce8bb61e912b77d25
- SHA1: e5ec295f49e3427621dfe73b26f2246726d21743
- SHA256: 2a979c55cec56c26052d2b339182d34b02c925a85af14e7b5baedfbd04c444f0
- SHA512: f0cdf99658e7ca04a000f786ba50bcb5a800f1414d481557e0fe396577cfd0315f80c63320a9174c5235348024aee45f645b7958cc1529225665c4a2c27f5d19