Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
93s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
12/07/2024, 10:15
Behavioral task
behavioral1
Sample
3cf7b25297a3a2b70b44005e1237d3f8_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3cf7b25297a3a2b70b44005e1237d3f8_JaffaCakes118.pdf
Resource
win10v2004-20240709-en
General
-
Target
3cf7b25297a3a2b70b44005e1237d3f8_JaffaCakes118.pdf
-
Size
9KB
-
MD5
3cf7b25297a3a2b70b44005e1237d3f8
-
SHA1
3104618adbf1ec35c892293ec7107b7a4ae2e9d9
-
SHA256
407edb7e5f0dc4e9b78ef07ba7bbe514097aba79dc7b8c893307aff928878435
-
SHA512
27ee848acd1fe602d88e3cb21dbaac835bbe59879ed2724bda68b087de85ebdb3e633591b0960c3fb9221064f8748ceb044110d1986b222f97af49eb76fee98f
-
SSDEEP
192:9Pz4ULMxLIKXHsfyxSnshY3fK1e1KkvtPrkgaCItxIxmPz9vIezC8DbiVphbCSiL:9Pz4ULMxLIKXHsfCxY3S1eAitPY1fIx+
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2296 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2296 AcroRd32.exe 2296 AcroRd32.exe 2296 AcroRd32.exe 2296 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3cf7b25297a3a2b70b44005e1237d3f8_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2296
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD52d43ce86eae18f5d64e52da8ba1c40ab
SHA105a0504998c2ad17cb64d898271d9809e3fb6e00
SHA2568ad775a2d2161b28a760bf7f9cb301316343dd34d3c366946a9a7251636f26bd
SHA51205690437b51332908fc3688a1b44cf9f244e96754c3fc58b195adf0965a6690b837009981efdbd5c92f6ee3fe94298de0dda9408703d9437793959be31f54102