Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240705-en locale:en-us os:windows7-x64 system
  • submitted
    12/07/2024, 23:34

General

  • Target

    3f5085fb51ecdc5ef600873406f97676_JaffaCakes118.pdf

  • Size

    83KB

  • MD5

    3f5085fb51ecdc5ef600873406f97676

  • SHA1

    fafe9cfc2eb2f976af7e830eb1fa4893c346e3ea

  • SHA256

    25de1a56dab9e0730e0829c1bea9db2d7b59e106cf57f0a9935e466e4a1d9339

  • SHA512

    f73b33d3b0d33b761e1e8b095d5dbbd6d9db8130b29a5b073b20729aaa7302b72b3e3129e7ef91efd8664edbf8c1333e09eb541ebe8d093f9bf119d24b088528

  • SSDEEP

    1536:wa/Cg3H50fB055sdVgYKnGVaDxhxyP8cG2cn+/BOyWO0LhBtJoWcpOmN5b:9CE0pw5sKGUDxhxyP8czFpOA0LhJzmr

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3f5085fb51ecdc5ef600873406f97676_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2540

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    7cd57a26339701e2a04fe68f8677678e

    SHA1

    45be6ba5fdbcd21b6cac7434df6b078b3fe8abb4

    SHA256

    e7961a003ba9d387bc8f7b7c928f6903ea80b381a26a3626c2351fcda2d6a83f

    SHA512

    4b50f15bcd9a6cba58e5c503fa73f0b22b89ee1b45baa731f3963d6106d5d0d7560989dd115425a019b0c11118ed05b162d1f437f73fa291aa94088f6b638c6b