Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
submitted: 28/06/2024, 06:10
Behavioral task: behavioral1
Sample: 191064cd195900428882556b73a4ae6c_JaffaCakes118.pdf
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 191064cd195900428882556b73a4ae6c_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: 191064cd195900428882556b73a4ae6c_JaffaCakes118.pdf
Size: 2KB
MD5: 191064cd195900428882556b73a4ae6c
SHA1: b74852f6c236277e72c3b4cd51ea3fb6a28f2670
SHA256: fed04db831db307383519ada0bf1a3737eb84c8b75f152af86cd8983a5fc10c8
SHA512: 67bed0332051d4dd1c16767efdf02313e08e2b70939e555c7ff35dc7757a9b1284d66382ce8c0cead99b1d1920567d0cb623cf855ea2193d924f2725cc04af3d
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 3060, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid 3060, process AcroRd32.exe
pid 3060, process AcroRd32.exe
pid 3060, process AcroRd32.exe
pid 3060, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\191064cd195900428882556b73a4ae6c_JaffaCakes118.pdf"
PID: 3060
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 38ef1b5e6beb7a58f1ba690411b54acf
SHA1: fb1fdcc5d58f8e2a47ee19a4da922d337eab863f
SHA256: a7aeb9901992d2443c46d3afc953f74d2f09e5c280b0df7da56f08e3e282c94f
SHA512: 7924a5475d5b785799a92e56845df65c3ea4f51a0e716de532d4e7190e9b11f1ee4e3ca0824514f91fcc36c06cd6a702ab3f7badfff883d9e0ec2cd1c1869c0c