Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
09/07/2024, 05:55
Behavioral task
behavioral1
Sample
2f3672a2d65f0fa184a4a1ee5638d679_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2f3672a2d65f0fa184a4a1ee5638d679_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
2f3672a2d65f0fa184a4a1ee5638d679_JaffaCakes118.pdf
-
Size
8KB
-
MD5
2f3672a2d65f0fa184a4a1ee5638d679
-
SHA1
1128f0ff1ffc03b92f3ea42366c472cac032831b
-
SHA256
c8e5b667dbdfa9dece24b1e245412403960356eda95ef32e8a9536b0884ce23b
-
SHA512
b530bea0d961169cc7ae9404ca491f9351c24ebcbdd7fc3389abff876f52718afa4538cab17f686e95115ff8f69efac629a99a5605614350e4be81bc32de7fbe
-
SSDEEP
192:2P5uFm4ktFt4qfKnOba+T6EmsWY8jhTfTSiiDnLYntQpz2xW0Yk:2P5uFm4kt/HSN+TwY8jhfTJkLYntCz2d
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2544 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2544 AcroRd32.exe 2544 AcroRd32.exe 2544 AcroRd32.exe 2544 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2f3672a2d65f0fa184a4a1ee5638d679_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2544
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5c7724642c14209e49b6b3641ef9f32e8
SHA1bec18247b3853cd439dd2176fe4e356b400a3cb3
SHA256f5126201aef2d92db3d4043b2b4713eca1c322d0406bae3f98406fb1d072383b
SHA5128637176fb54fe93d9abc215b1b4abbe897a245022ca8114054c1f5af22a4e6d1a7064f8725f95a512c2cdbf75242a2ab52f18227baa24e790babbd172a821815