Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
14/06/2024, 09:14
Behavioral task
behavioral1
Sample
a8e8b3e9cfdc012f19c2ac83ab32804c_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a8e8b3e9cfdc012f19c2ac83ab32804c_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
a8e8b3e9cfdc012f19c2ac83ab32804c_JaffaCakes118.pdf
-
Size
33KB
-
MD5
a8e8b3e9cfdc012f19c2ac83ab32804c
-
SHA1
5f2d1752b634b113d29eb3073116aaacd1f875a6
-
SHA256
c055ffea79efbe25bab63d82350b751ca612d097cdb323bf344977496e34ea62
-
SHA512
0ee1f1fb1c3fff929e896c3db6fb9d9cdcaf0826beee37410550d09de465e5b42a2df0771e702e0eda0ba487fb32fe55761c4f700919efa18bdfb0e095d658bf
-
SSDEEP
768:NgGzpDmqR8R1vANIQHkzOkDSx+hR6aHDurgsGezMqlwb:uGFK7DSx+h8ajurjGezRlwb
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 3052 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 3052 AcroRd32.exe 3052 AcroRd32.exe 3052 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8e8b3e9cfdc012f19c2ac83ab32804c_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3052
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD57689f8c5a067554ef001a2e1e8520341
SHA1b5604a20d49ad12d9f3f1a3a46a81247035f3bcd
SHA256945635886c5af05f2c1b16abc0a74a069c1cf6bc2204ee02a8a7b2abde1837ef
SHA5122a1ddde856d53716028809588b775f25d6a6d10513b8deced3121de937e6c80fd9843e94921cddab4cf3e58184b9dccac34b665a2b25d4ae3de150c14daa36d4