Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    25/06/2024, 05:34

General

  • Target

    0cd094249cf702ff9604ca1db7957d82_JaffaCakes118.pdf

  • Size

    15KB

  • MD5

    0cd094249cf702ff9604ca1db7957d82

  • SHA1

    59b84be1462c94912f4834689186e2208abb3c8e

  • SHA256

    0eab6e05a524ebabbc2db23277ce54631836575be3fdc83a8b1587c5936801f5

  • SHA512

    c1a6f9a1f0ae4c36de5b24344e9e8d28285c471c7b29141587b3027cd7c3f277207dd112bf4b041bf35763967c9381248f3e295c21da892dfef1871f38815f7e

  • SSDEEP

    384:rP5uqkrA5cNGFDnGTQnMrETsZyXtJUfOW0E0s2BSKXkaUfL+PDRujxFOYX:CacAdnzMks0e0E0soSKVUfLMtujxF1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0cd094249cf702ff9604ca1db7957d82_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2952

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d1842ab9d9abd739d5f0298d9c07067b

    SHA1

    f27e5ff8cde9cfab524e41ceb562bca8fe0c6c2d

    SHA256

    cc5ad4d3dd3052a4b39a117aa2a11fbd9aa9ecfeab15740cfeaeb6ac615e4eba

    SHA512

    1b93c8f41a91b9e4ff78ca2247011fefaacb13c0caefeec6ed4a5f0711a26021bba77a5c68342cc506a0e5ef5018baa7c5d9106950157a6b658219b1b2c92d86

  • memory/2952-0-0x0000000002650000-0x00000000026C6000-memory.dmp

    Filesize

    472KB