Analysis
max time kernel: 94s
max time network: 18s
platform: windows7_x64
resource: win7-20240705-en
resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
submitted: 07/07/2024, 03:45
Behavioral task: behavioral1
Sample: 29b5b9bee7090db75c6bf78613676afc_JaffaCakes118.pdf
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 29b5b9bee7090db75c6bf78613676afc_JaffaCakes118.pdf
Resource: win10v2004-20240704-en
General
Target: 29b5b9bee7090db75c6bf78613676afc_JaffaCakes118.pdf
Size: 87KB
MD5: 29b5b9bee7090db75c6bf78613676afc
SHA1: 9b9cd1a951700d6a5159ea83ec279c6ed4db028d
SHA256: fbed629934c8317129209c2ee88884d85a93906a88195473b078094f0b4e0509
SHA512: c88d32b20cbeff4549d6684b096893e57fab71e4ffffb4c13853d1ee43ed3af42468acb7d68d9351001e51e0af883c46f232e90cc3312f5c5c9ef203e973e71b
SSDEEP: 1536:8I/C7tVOfCi5H/u55SfnT+Wk7avWeTh+EpXs8UfOyjWKx073hqxDwRkWepOZrWGJ:r/ytVyLZIEfKl7KWYBqvWKE3hWDE5ZHJ
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid Process
2108 AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid Process
2108 AcroRd32.exe
2108 AcroRd32.exe
2108 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\29b5b9bee7090db75c6bf78613676afc_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2108
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 7fb27537613244d5fcb56db5402c3d17
SHA1: 0840b8af393bb3fab43e13500a432e840c2610ff
SHA256: 0f520ff78704431bdfa2d8a4c547a40d886c22f4d03ad284f29c2efcb159a0f0
SHA512: 39281c5dd7ae5dc32b9f0edcbf6c34c5749677ebc601f2312e74cee2b0aa9317c2987b66bce617d92303c33a8fec93c66a07e105922ad679683983781ed466bb