Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/07/2024, 05:10

General

  • Target

    212c8cb1638cf96d84a6eee88d69ac9e_JaffaCakes118.pdf

  • Size

    83KB

  • MD5

    212c8cb1638cf96d84a6eee88d69ac9e

  • SHA1

    b96f3c3500825713a7d53a97b5dcd19b6c7b7631

  • SHA256

    6f8c7db464dba934aec2b8c47d4a87a5bc25fa9e01c67c1ef56840ac06da5a6d

  • SHA512

    0293cddac37c77418fa5a33c33b7bc445b6f86de3180f2f8c85de7f0acb58e30073b8f752f836ebfd6eb3962455231e6704654ff991e8580f24f858d2c889b63

  • SSDEEP

    1536:5ByWDwrr+DM1vPkrbgBPO3D7heYYaJnr6IBrvCeWmWIDSTb72MwW8pO7+TDDk:Twrr+DM1vPkYQGaJr6IBGw+baMb7+T8

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\212c8cb1638cf96d84a6eee88d69ac9e_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2480

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3381d8daac8e0188c35f6b3bad0d3d86

    SHA1

    b2cc5446c7e58111d9464986fffb0dc32529ff66

    SHA256

    db29d3dda1347425f2ec3eec422c1114a627642c5c80d69d823e881495f76ac1

    SHA512

    e678f282d35814888d6d0d47725c8a7782f6c58cf1bad72c4e5b7f34c5b821f2fc806536fa9a822f4727004d52dd52539bc791fee04eeba2dac4fc5455f76f6c