Analysis
- max time kernel: 118s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 17/06/2024, 09:35
Behavioral task: behavioral1
- Sample: b7ec2d968722ea4b55a91785cc0ea741_JaffaCakes118.pdf
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: b7ec2d968722ea4b55a91785cc0ea741_JaffaCakes118.pdf
- Resource: win10v2004-20240226-en
General
- Target: b7ec2d968722ea4b55a91785cc0ea741_JaffaCakes118.pdf
- Size: 67KB
- MD5: b7ec2d968722ea4b55a91785cc0ea741
- SHA1: 0a98f11a504bcb8bb0f52b0cfb03b831008e363e
- SHA256: c145106293489dbe2990f877160af86938dd60d76f5e1d79185790b26020f509
- SHA512: 135b30aa418cb3cc6f6c7c13123127958d90426617d1b06bc3d5176bcf306bbd82c0d657e0330e6bc13c37174371d2d52c04ca4b4986ffaf89cafec62052e83b
- SSDEEP: 1536:DXFZmGWS1zgIs6GDwfVUjmBtvK7t/JNmF9Fav1e3gjV0ofV2:jys1zdNUibok
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2020, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2020, process AcroRd32.exe (3 entries)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (PID: 2020)
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b7ec2d968722ea4b55a91785cc0ea741_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: 480cb4c3878c67aab3b546d746a8588c
- SHA1: 4f1761d9a10d2dcf47b11ef5f4e46653e49701e1
- SHA256: cbdea8edd73c670a8a2843fc5864e2d54c2bae71f544ad528ee6319d0e55c3c0
- SHA512: 7c91557810373a678e9623da6068105b8f16f74fe90b2123ce06b2d332ba283492d6e2495ccc7dfbb8573920fbdcd3b1fc0a0b091c825730e3c7c5974cc088d3