Analysis

  • max time kernel
    94s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/07/2024, 03:45

General

  • Target

    29b5b9bee7090db75c6bf78613676afc_JaffaCakes118.pdf

  • Size

    87KB

  • MD5

    29b5b9bee7090db75c6bf78613676afc

  • SHA1

    9b9cd1a951700d6a5159ea83ec279c6ed4db028d

  • SHA256

    fbed629934c8317129209c2ee88884d85a93906a88195473b078094f0b4e0509

  • SHA512

    c88d32b20cbeff4549d6684b096893e57fab71e4ffffb4c13853d1ee43ed3af42468acb7d68d9351001e51e0af883c46f232e90cc3312f5c5c9ef203e973e71b

  • SSDEEP

    1536:8I/C7tVOfCi5H/u55SfnT+Wk7avWeTh+EpXs8UfOyjWKx073hqxDwRkWepOZrWGJ:r/ytVyLZIEfKl7KWYBqvWKE3hWDE5ZHJ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\29b5b9bee7090db75c6bf78613676afc_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2108

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    7fb27537613244d5fcb56db5402c3d17

    SHA1

    0840b8af393bb3fab43e13500a432e840c2610ff

    SHA256

    0f520ff78704431bdfa2d8a4c547a40d886c22f4d03ad284f29c2efcb159a0f0

    SHA512

    39281c5dd7ae5dc32b9f0edcbf6c34c5749677ebc601f2312e74cee2b0aa9317c2987b66bce617d92303c33a8fec93c66a07e105922ad679683983781ed466bb