Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

2f3672a2d6...18.pdf

windows7-x64

1

2f3672a2d6...18.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    09/07/2024, 05:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2f3672a2d65f0fa184a4a1ee5638d679_JaffaCakes118.pdf

  • Size

    8KB

  • MD5

    2f3672a2d65f0fa184a4a1ee5638d679

  • SHA1

    1128f0ff1ffc03b92f3ea42366c472cac032831b

  • SHA256

    c8e5b667dbdfa9dece24b1e245412403960356eda95ef32e8a9536b0884ce23b

  • SHA512

    b530bea0d961169cc7ae9404ca491f9351c24ebcbdd7fc3389abff876f52718afa4538cab17f686e95115ff8f69efac629a99a5605614350e4be81bc32de7fbe

  • SSDEEP

    192:2P5uFm4ktFt4qfKnOba+T6EmsWY8jhTfTSiiDnLYntQpz2xW0Yk:2P5uFm4kt/HSN+TwY8jhfTJkLYntCz2d

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2f3672a2d65f0fa184a4a1ee5638d679_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    c7724642c14209e49b6b3641ef9f32e8

    SHA1

    bec18247b3853cd439dd2176fe4e356b400a3cb3

    SHA256

    f5126201aef2d92db3d4043b2b4713eca1c322d0406bae3f98406fb1d072383b

    SHA512

    8637176fb54fe93d9abc215b1b4abbe897a245022ca8114054c1f5af22a4e6d1a7064f8725f95a512c2cdbf75242a2ab52f18227baa24e790babbd172a821815

    Download Submit

  • memory/2544-0-0x0000000003F30000-0x0000000003FA6000-memory.dmp

    Filesize

    472KB

    Download