Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system -
submitted
11/06/2024, 07:05
Behavioral task
behavioral1
Sample
9d5e8282db484d85f09378b32391825e_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
9d5e8282db484d85f09378b32391825e_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
9d5e8282db484d85f09378b32391825e_JaffaCakes118.pdf
-
Size
66KB
-
MD5
9d5e8282db484d85f09378b32391825e
-
SHA1
b6dae8b08638dd923fa4c20423ab4f895791e723
-
SHA256
f96478b3406bd461ca76c38e3fa486882a7104cafd2584ada169177637431fa1
-
SHA512
d07f20aeb6aae13f56944ec61be71cade194fc511a7034d217421fd6be9e731224b8c0093ef02690ffdf062cb0316247cd6b766d913e523e65c14011e23b7020
-
SSDEEP
1536:QGFmT7D9CQQwyghsxYvAsUXISxt49EQCbl8USd:dFmT7APzghstXVxtgEQCb6H
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2356 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2356 AcroRd32.exe 2356 AcroRd32.exe 2356 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9d5e8282db484d85f09378b32391825e_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2356
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD52c8736566b9d1d9adb3ff7658f65fbcc
SHA103dc1ab9eba025ce53be5560b751c9cf9a496486
SHA25654151175064ed4298eb5105c8198ca8c6d9ef49ceeeb37dac5de274e271c2354
SHA5126122bb4c3e49258896fb617d0dfbf418078ec5b9c3ee1f81cdc85cf8af251247e54534908828f176f33d653a2ae71a6236e072f8fe4bdbbe6af864a65a813a37