Analysis

  • max time kernel
    93s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/07/2024, 10:15

General

  • Target

    3cf7b25297a3a2b70b44005e1237d3f8_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    3cf7b25297a3a2b70b44005e1237d3f8

  • SHA1

    3104618adbf1ec35c892293ec7107b7a4ae2e9d9

  • SHA256

    407edb7e5f0dc4e9b78ef07ba7bbe514097aba79dc7b8c893307aff928878435

  • SHA512

    27ee848acd1fe602d88e3cb21dbaac835bbe59879ed2724bda68b087de85ebdb3e633591b0960c3fb9221064f8748ceb044110d1986b222f97af49eb76fee98f

  • SSDEEP

    192:9Pz4ULMxLIKXHsfyxSnshY3fK1e1KkvtPrkgaCItxIxmPz9vIezC8DbiVphbCSiL:9Pz4ULMxLIKXHsfCxY3S1eAitPY1fIx+

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3cf7b25297a3a2b70b44005e1237d3f8_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2296

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    2d43ce86eae18f5d64e52da8ba1c40ab

    SHA1

    05a0504998c2ad17cb64d898271d9809e3fb6e00

    SHA256

    8ad775a2d2161b28a760bf7f9cb301316343dd34d3c366946a9a7251636f26bd

    SHA512

    05690437b51332908fc3688a1b44cf9f244e96754c3fc58b195adf0965a6690b837009981efdbd5c92f6ee3fe94298de0dda9408703d9437793959be31f54102

  • memory/2296-1-0x0000000002CD0000-0x0000000002D46000-memory.dmp

    Filesize

    472KB