Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/06/2024, 13:29

General

  • Target

    162bf22c209001e12101973c74227f86_JaffaCakes118.pdf

  • Size

    95KB

  • MD5

    162bf22c209001e12101973c74227f86

  • SHA1

    adf4f0d7cad39fa6068b647ed40186d2aaabbf5e

  • SHA256

    3fe63606cdd7dcbc51dfbdc57617ddba3173bd7d79b3300bf7b9b736520ee5e0

  • SHA512

    aa0dd818066cdd0bc0ccf092b9c19d5f22d9415b9de3bcbddf76b8a3d04458666a9b984d9015c70fee11a06fa6a36ea2fe224f1cbdd096f9d14a59f65f950143

  • SSDEEP

    1536:NZjDU0LAPNOZn+rg9cNX1Mc7EDQQvugKfU8mQ5Wh+OWVJB9Te7OeR8gJyQpPlWOu:3s/kZt2M6nVUdtEgOg8gMQPOZyTr4Pz

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of SetWindowsHookEx (3 IoCs)

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\162bf22c209001e12101973c74227f86_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1040

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    44a8ef80ac7300b235eb7e655dc49e3a

    SHA1

    c47eecd3b7ada609fe709b9f45f39bf3eafd0fe0

    SHA256

    3cd24f2c3913ed9441d6a09807213477fac7a59b315563c97741d4bff7893078

    SHA512

    fcf22527443ff22a9d039e8cc20456a71530c341c5f6087c2f69417fc18546617d321d3c440bb404322f2fdeae189c1096c3f7ab56b4642ddeeadb30ad25f5ab