Analysis
- max time kernel: 118s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240419-en
- resource tags: arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
- submitted: 25/06/2024, 17:06
Behavioral task: behavioral1
- Sample: 0edd1473a9b1f00c5fd37f154f563036_JaffaCakes118.pdf
- Resource: win7-20240419-en
Behavioral task: behavioral2
- Sample: 0edd1473a9b1f00c5fd37f154f563036_JaffaCakes118.pdf
- Resource: win10v2004-20240611-en
General
- Target: 0edd1473a9b1f00c5fd37f154f563036_JaffaCakes118.pdf
- Size: 81KB
- MD5: 0edd1473a9b1f00c5fd37f154f563036
- SHA1: 1c96d5530bbf714678d347384f6cecb63e517cbb
- SHA256: 76513ace7e93271a9b2a59f14da0edea0e58051daf6610969baed8b635cf9132
- SHA512: c8877b2d5561af785ed25e3d403ed514678227ed1d269b3fc5f104f1336e433b4405bf13ac643d559d8c764bc2d28710a3b435b4823a1f52f5239cc0610af335
- SSDEEP: 1536:8Yk+075zMDhs7/a7ZtNUGT94dmEUzmDHxlCddz0bWOpOwrKW71VVeRd+HV:7k+075YD4altLUpUzeHTCd/wrZ5KEHV
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2976, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2976, process AcroRd32.exe
  pid 2976, process AcroRd32.exe
  pid 2976, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0edd1473a9b1f00c5fd37f154f563036_JaffaCakes118.pdf"
  PID: 2976
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
  MD5: 2f36ee370858f2d4c3dd55a27f88461f
  SHA1: 4912d7c07a8a7a579f99631e0c9605d5e6cccc04
  SHA256: e646b088d771b34ad0bdbd0c787082010b4d40ab296c2ae0527864a28a1c4dc1
  SHA512: 8cad5e293f5b501c4bdf82832d45bd98ce472d5d60bbae27170161b8d592685203a70e1c415073a5504908c130a0bbcd744f311684b4d2543510922b44ce5f8d