Analysis
max time kernel: 118s
max time network: 120s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 11/07/2024, 09:35
Behavioral task: behavioral1
Sample: 38972828816b0691a3ecb6cfe2fbb3f1_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 38972828816b0691a3ecb6cfe2fbb3f1_JaffaCakes118.pdf
Resource: win10v2004-20240709-en
General
Target: 38972828816b0691a3ecb6cfe2fbb3f1_JaffaCakes118.pdf
Size: 96KB
MD5: 38972828816b0691a3ecb6cfe2fbb3f1
SHA1: e696e8f6797876b9a50ed48f0456653ff720979f
SHA256: e2b76d08318888b83703961a9e5db848f23beac70479434a907d633379ef3180
SHA512: 809c75bcc75eb849e727121491a77fbf4a37dc09c6316a68bb097eecb13a417dd06c8c338d435ad279112c96ee8b92494fb79aa867a2e1bd47ff3e90eae0980f
SSDEEP: 3072:8YuWtl7v0suRgFUini+lF7V/YXDRa9AOgKASsI1/7Zo:8jW7vP8gzB3VwoPSB
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 2736, Process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid 2736, Process AcroRd32.exe
pid 2736, Process AcroRd32.exe
pid 2736, Process AcroRd32.exe
Processes
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\38972828816b0691a3ecb6cfe2fbb3f1_JaffaCakes118.pdf"
PID: 2736
Signatures: Suspicious behavior: GetForegroundWindowSpam; Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: b8b44a882f9d1b65f7b919b05fb67d0c
SHA1: 6afbdec57f339326306fae876187b96c57124ee0
SHA256: 7f715d543d4a72f4c50ba0240f2b817d7fb2f614887df167a1344ccccac8a23f
SHA512: ccfd8845500c19f28ddc59e34c56a908ec1f3ba5a4a090b7fc0b6e5b03f4c6db2eb5136eec1756a86bc9939408c2b1189944e6c61e52140392de8274731a0d99