Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/07/2024, 03:57

General

  • Target

    401a756467c85c932a571a019ec031dc_JaffaCakes118.pdf

  • Size

    79KB

  • MD5

    401a756467c85c932a571a019ec031dc

  • SHA1

    f20449c033bc9137129fd2cab40bd693b0a06216

  • SHA256

    35f08d02b45ca78e743a29d92ad80c2dcb7a7ee018a7a5462e65d36bdcb9f6dc

  • SHA512

    e76529da0e3f5035d396dd69380b2ee37f168b29f4c2a6f37f8f4a3d55f1d8d97029ce00afeaaf2535ede69b913250f70a0165ec731fee9716bf399dc3fc51ff

  • SSDEEP

    1536:TNJCjqmmost3Xp6Vau39UdKgNLuBzdEEjCpWGpOKCWY/yXpQOHNh62nb:pJzqwKsPBSzjCeKy6ZQOHNh68

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\401a756467c85c932a571a019ec031dc_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1672

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3efcf9d2d114b6fa63df46c0a25ac793

    SHA1

    b132f3258e540d02d2b24fafd5a64d1906d5bcf4

    SHA256

    4bed58cc26d3d7dbaf32c52e52f994acb356bad1284d4fdc6ce40f7ce064a30f

    SHA512

    dd194dd3b5cff4c1f8760ec98992441ed8732908c88040b2648459130325b0b4b630cd980750194e72af9788cfe7c6bfeddf4dadc6efb0099158ca8811805802