Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    24/06/2024, 11:01

General

  • Target

    081f222d726948116f371bf9f925618b_JaffaCakes118.pdf

  • Size

    87KB

  • MD5

    081f222d726948116f371bf9f925618b

  • SHA1

    8bdf6c08c585d9704bf96f7563273cf50c65f1e2

  • SHA256

    70176c02a8af58df46356a1277b1bad94bbf2e1022d293178409cd4779532560

  • SHA512

    2d77e983b5b14a35ea30098d65271b925e45b8b862fadf0c8c4560be5df18bcd4b2af2627866d76d319635d7b70689d2fedc955e3a786bf23b7de9d1dcb3175c

  • SSDEEP

    1536:B94sL39+AvgZiwvfrulRZXX16oMvXnOSNE+e6NIdvzSWHpOvXtvDeSKWyT/vShu:osLt+AYZiwnojH/M/OeE+e6Wdvevdbe/

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\081f222d726948116f371bf9f925618b_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1200

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1b83806aa6cb8a2c9c3af1a55b1edb7b

    SHA1

    7d157307516889fceade48ab377290a9ab0e0854

    SHA256

    7609fcf22943dad2a4c8447f6640f84dffb45ffe3c93fe462e9027a861a2f229

    SHA512

    d54eb442d2c9c1acb426277c9bb9274ebe1d10fce1cd18ecabdf8be5fae2af71fbd124393f8ccbd03b2af49b76e5a8aa4bf54faebaee9ad01566ee7b059330ee