Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    20/06/2024, 04:20

General

  • Target

    02c1c67c85f5923d16c4153260223772_JaffaCakes118.pdf

  • Size

    16KB

  • MD5

    02c1c67c85f5923d16c4153260223772

  • SHA1

    86844a98f53f855f8865d2a71d55a16c90f02924

  • SHA256

    c9a0908ac1a6462a6e91042ec381d349553e1e17af4e898bfa7c75c5c4b58404

  • SHA512

    fa409bb45e4c41c71aa8c0a2ef8e994dfae4f5cc56bb7ce62ee0588e8871164d48f9c3395528694de72f60dec4b969877feeb76c44d38a2bfd4256afea79002f

  • SSDEEP

    384:4ONyCeewIjJizSZfy2Bk3icAG96xMzj6jmwyuFfxMzH9HQCQYzSnQVEv:zcZoEExFotVS

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\02c1c67c85f5923d16c4153260223772_JaffaCakes118.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2020 -s 760
      2⤵
      • Program crash
      PID:3068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2020-1-0x0000000003180000-0x00000000031F6000-memory.dmp

    Filesize

    472KB