Analysis
max time kernel: 96s
max time network: 18s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 10/07/2024, 06:25
Behavioral task: behavioral1
Sample: 33a3f7b82864ff420fb2f901881161b2_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 33a3f7b82864ff420fb2f901881161b2_JaffaCakes118.pdf
Resource: win10v2004-20240709-en
General
Target: 33a3f7b82864ff420fb2f901881161b2_JaffaCakes118.pdf
Size: 128KB
MD5: 33a3f7b82864ff420fb2f901881161b2
SHA1: 417a5f55cdaabb97d1f97b5545ad166af16761dc
SHA256: 6e703e09a84219acb6a7ae15b3d23939dc946498e148caf56524d0a2c95076cc
SHA512: 0f30796984067fd336d9256682261e28c015057c831e97277aea3cbd40bc56a7853d828e9532a3e4f88568266ffe6999646b7d6d9ebc99a5b7da4a6e85ace52c
SSDEEP: 3072:OZgJBH3gbicP8yDyTod8EkwBGI9ujANKrB463q:IgJBH3gbNkLTod6wkoS9rW
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  1916  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  1916  AcroRd32.exe
  1916  AcroRd32.exe
  1916  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\33a3f7b82864ff420fb2f901881161b2_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1916
Downloads
Filesize: 3KB
MD5: 7e3654156dd520bbde548f77e48cd4b8
SHA1: 228bf728f540a1249998297107926ae9ec28cedd
SHA256: 29f2b410de23633deff3c759f867459a1cfe681cdb5023a609d7fea0f330f934
SHA512: 435711ae45f0461d4f84e435ac9f69254d09406768050aa63845f2de7bf33aa387625c9a115001ee753027d32a746becddf1e425aa895790c9f995f9555ef72c