Analysis
max time kernel: 118s
max time network: 123s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 14/06/2024, 22:36
Behavioral task: behavioral1
Sample: abcaffad3f589794d3f4a7dfdc7708f7_JaffaCakes118.pdf
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: abcaffad3f589794d3f4a7dfdc7708f7_JaffaCakes118.pdf
Resource: win10v2004-20240611-en
General
Target: abcaffad3f589794d3f4a7dfdc7708f7_JaffaCakes118.pdf
Size: 23KB
MD5: abcaffad3f589794d3f4a7dfdc7708f7
SHA1: ca73e4b8f567c76977c035888e2d5ccb59a5d9af
SHA256: 3b9036ed8a907d5a35bb171642410469e5d7d60c9327214626d1b555b876c93f
SHA512: 9bf466685846748ac3437999d2774463b6dcc20f6f3f6b14c5cc3f5027166a5bab04231fbe4dc6ace4daa600127e444f2183932e9962c120059c14feac6eb5e6
SSDEEP: 384:VzdmMSEesIKtz17ycsBD4fhObDxykTu4i0Zc2XgOdDbJwEHGXlXgyk/ljqB0FyHD:VzDtIKtz17ycOUZm9ykqj0LXgOdnJwKu
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2312  AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid   Process
2312  AcroRd32.exe
2312  AcroRd32.exe
2312  AcroRd32.exe
2312  AcroRd32.exe
Processes
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\abcaffad3f589794d3f4a7dfdc7708f7_JaffaCakes118.pdf"
PID: 2312
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 25577f1e875652aa4b17458619bc287e
SHA1: cdcb9481fcbe8685f186c174308f3ae30c21556f
SHA256: 07f836acdd78739a159a3efc1ef52a48218867250ef4db370731e5b3b3e41c23
SHA512: 923567e5bbe08855179823f3d4d571cfc0369d407a050c49294b9539efca5996bf2bba00a8f5e59d46c463e6cb88ab7104ca5964fae63728b487d1d869d1c1b5