Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    10/06/2024, 11:27

General

  • Target

    9a80f8983679076732b0fd48f9bd3f8d_JaffaCakes118.pdf

  • Size

    42KB

  • MD5

    9a80f8983679076732b0fd48f9bd3f8d

  • SHA1

    5d8d1d8a5d9988e59c5b7a0cb532661378d5bc6e

  • SHA256

    0c31138f3fbb246334fec20b64093b5ed17e14d366a6359f7c249239807eeafa

  • SHA512

    37ed6ec1b8af2d6d2a6b5ab553228f27acaa1bbc6d5b21ad55a588658a34b8733093872eb9de5a342546c06a6fe3f63fc843dcf8e93399d4ec2a8f533f9bc823

  • SSDEEP

    768:/gGzpDyBVksi89Y35vjUFcLmY3NtqGa7q13F/hjjtCS4487FKWr2ke4dBIfR6:IGFmy9/0z7FKQ2kqfR6

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9a80f8983679076732b0fd48f9bd3f8d_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1904

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    5d2690cec5f45ecce8bb61e912b77d25

    SHA1

    e5ec295f49e3427621dfe73b26f2246726d21743

    SHA256

    2a979c55cec56c26052d2b339182d34b02c925a85af14e7b5baedfbd04c444f0

    SHA512

    f0cdf99658e7ca04a000f786ba50bcb5a800f1414d481557e0fe396577cfd0315f80c63320a9174c5235348024aee45f645b7958cc1529225665c4a2c27f5d19