Analysis
-
max time kernel
120s
-
max time network
120s
-
platform
windows7_x64
-
resource
win7-20240419-en
-
resource tags
arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
-
submitted
24/06/2024, 18:22
Behavioral task
behavioral1
Sample
0a1a23dfda914a495f9d7daf2824d726_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0a1a23dfda914a495f9d7daf2824d726_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
0a1a23dfda914a495f9d7daf2824d726_JaffaCakes118.pdf
-
Size
90KB
-
MD5
0a1a23dfda914a495f9d7daf2824d726
-
SHA1
bd4f456359842ab983e2822a3eeb873f26acc545
-
SHA256
2961c2fb149ecb39615460d798f1759bd805fd5593032c0c3c1da3aa47de1411
-
SHA512
9ffdf3027250f95e64ca126774c75e71e255a65551b91e9acbbf2b2ea3953bef95a12d37632f2fdf02545ad3fe744ff29345df6148a4d722e3cff8af6dca569d
-
SSDEEP
1536:zVoeKA7om25+0CHqE9ogEPqltu4GxLCWkNpOP80Sx3OpWOvxukqBwa/v:Jnl0CHq+o7v4GxLnPZ0OVuKU
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam
1 IoCs
pid Process
2284 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx
3 IoCs
pid Process
2284 AcroRd32.exe
2284 AcroRd32.exe
2284 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0a1a23dfda914a495f9d7daf2824d726_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2284
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
-
MD5
c98dcc8aae1ece97fb3164ed258124b8
-
SHA1
96fcd351a68a3dc029bbe6bad0d14d4714bcd0eb
-
SHA256
d66dd6e04edde13aad05fa4b030559da1ba9607059c300fb5b7bc97378f72643
-
SHA512
dc08815a4eb19aa5925345aaca8222f628da85f40bfbc24469947ae29b4b6de0c95962b65266534fedb862afffe24990d313ae202e055031eae19143131f4b3a