Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    24/06/2024, 18:22

General

  • Target

    0a1a23dfda914a495f9d7daf2824d726_JaffaCakes118.pdf

  • Size

    90KB

  • MD5

    0a1a23dfda914a495f9d7daf2824d726

  • SHA1

    bd4f456359842ab983e2822a3eeb873f26acc545

  • SHA256

    2961c2fb149ecb39615460d798f1759bd805fd5593032c0c3c1da3aa47de1411

  • SHA512

    9ffdf3027250f95e64ca126774c75e71e255a65551b91e9acbbf2b2ea3953bef95a12d37632f2fdf02545ad3fe744ff29345df6148a4d722e3cff8af6dca569d

  • SSDEEP

    1536:zVoeKA7om25+0CHqE9ogEPqltu4GxLCWkNpOP80Sx3OpWOvxukqBwa/v:Jnl0CHq+o7v4GxLnPZ0OVuKU

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0a1a23dfda914a495f9d7daf2824d726_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2284

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c98dcc8aae1ece97fb3164ed258124b8

    SHA1

    96fcd351a68a3dc029bbe6bad0d14d4714bcd0eb

    SHA256

    d66dd6e04edde13aad05fa4b030559da1ba9607059c300fb5b7bc97378f72643

    SHA512

    dc08815a4eb19aa5925345aaca8222f628da85f40bfbc24469947ae29b4b6de0c95962b65266534fedb862afffe24990d313ae202e055031eae19143131f4b3a