Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    14/06/2024, 07:20

General

  • Target

    a87f20594bfe21e78050788977d8491e_JaffaCakes118.pdf

  • Size

    35KB

  • MD5

    a87f20594bfe21e78050788977d8491e

  • SHA1

    515be6b2ff657571cf03a6f415725566e4748334

  • SHA256

    2440659445ab11e74f47145b76998b222b40f372fef31e060c149f952c621f1e

  • SHA512

    b01fe888c0c59c36f9a70962c8c4e0ebef4de6743a6416d4655ab3102ceb39696a228e25cdb08edd33fff6ef09898ba346c00395b96df1a77a6bdd44b83a26f0

  • SSDEEP

    768:DfTItbpLHARl2/pjxwfDigK3JByW1KhO201TaVBV8i31qPVVsGjmceE5NXuMZmwK:zUbpLHARlcTeeg8byW1KhO201TsBV8iv

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a87f20594bfe21e78050788977d8491e_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1728

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    5d66e41192891b0d4c9679f51406433f

    SHA1

    b4202e342ede7af4408976c80012aa5c7d7db405

    SHA256

    93e6791b0f1a8b9b24bdd8366b245a61f22420b3286edda630cd11e92d1ced2c

    SHA512

    4bc0b675aca3631e759df57b33cfe89d07dbaab7aa92ea2b454a99461baca50abad65cfb4e10ce4c95b29bfcf1ef54e2d56f1084955103365b45ad306505d463