Analysis
max time kernel: 121s
max time network: 121s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
submitted: 04/07/2024, 06:08
Behavioral task: behavioral1
Sample: 24e458250cb49b76b5b3d40cf1bf03fb_JaffaCakes118.pdf
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 24e458250cb49b76b5b3d40cf1bf03fb_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: 24e458250cb49b76b5b3d40cf1bf03fb_JaffaCakes118.pdf
Size: 79KB
MD5: 24e458250cb49b76b5b3d40cf1bf03fb
SHA1: 91799052390b74bb2edd821fb3fba9ae8f695f77
SHA256: 5217399eb1b8e26178c85c57b342a9530575e11c5be7f613a20fcb006ebdc906
SHA512: de644e394808cbc72e4894acab09885387c44e309f551c651cc256f3f169cb1e3c8b95ca77c84396d4003ab663e0040b9b312784e43c69465cbbbb06f246ac24
SSDEEP: 1536:Y91sFnXhK2Fw0ZoSlAyE81Mpst9uhbN0CJXas6UeC6yUzd:PXcIw0LljEqMUSb+d7LBd
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 2428, Process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid 2428, Process AcroRd32.exe
pid 2428, Process AcroRd32.exe
pid 2428, Process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\24e458250cb49b76b5b3d40cf1bf03fb_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2428
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 72d279fe4e9076042015484f4c39292c
SHA1: 9aaa50276c6204d51b5721847ef05d2aaedc6440
SHA256: 6b054052c8a012ea54921d2919994f7e95ec7d9e0514f51005e80cd30f4b2250
SHA512: 1f73ebc7047a9b162669fd89a9e724ec9b72975d70bf56eb2bde56f82d109fbdad635ff350c04408400a5d1f97cfab6ee1f128b8a6086aaeecfa42a00a9728d0