Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    17/06/2024, 04:30 UTC

General

  • Target

    b6c24e3a8195e89c20a5e629d4a52d20_JaffaCakes118.pdf

  • Size

    53KB

  • MD5

    b6c24e3a8195e89c20a5e629d4a52d20

  • SHA1

    2573bc0e915cbdf97d6324c17262c54ef245cc29

  • SHA256

    075439858c492fe9051b35bfdbd305fc2d0896317d6e750656ace214e93887a1

  • SHA512

    e58589f3ed132e2162c8b7f82e951868b756af2d524c499c67d8c1a6a36ec135af0461134425ffa55b79a26a00e5264066952bda0d6d9ca46372b3031bd8fd6d

  • SSDEEP

    1536:wGFSpMiNfDfM7reNccwpeLQiXhIlgx78+VM1BOEUZD:9FSpMiNbereGJpeswOgxY7rOEO

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b6c24e3a8195e89c20a5e629d4a52d20_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2152

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    57c3d33259c2ff4e64f780659ce471c7

    SHA1

    672fa037445bc672f6397c1c86f590ae971b3df3

    SHA256

    e221bc1113b0092ce7b451ae4058fd32b877190bec750cde610500b6bdca3a79

    SHA512

    4f48f4c57d65030b9d87d2d75b4c7f75a0ab53b141db4f108d15cbd116b773389d435fdeb641cc076908fa6d35ebed1715b42d48f1fed2f3892deaf3a7f9fe91
