Analysis
max time kernel: 118s
max time network: 118s
platform: windows7_x64
resource: win7-20240705-en
resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
submitted: 13/07/2024, 03:57
Behavioral task: behavioral1
Sample: 401a756467c85c932a571a019ec031dc_JaffaCakes118.pdf
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 401a756467c85c932a571a019ec031dc_JaffaCakes118.pdf
Resource: win10v2004-20240709-en
General
Target: 401a756467c85c932a571a019ec031dc_JaffaCakes118.pdf
Size: 79KB
MD5: 401a756467c85c932a571a019ec031dc
SHA1: f20449c033bc9137129fd2cab40bd693b0a06216
SHA256: 35f08d02b45ca78e743a29d92ad80c2dcb7a7ee018a7a5462e65d36bdcb9f6dc
SHA512: e76529da0e3f5035d396dd69380b2ee37f168b29f4c2a6f37f8f4a3d55f1d8d97029ce00afeaaf2535ede69b913250f70a0165ec731fee9716bf399dc3fc51ff
SSDEEP: 1536:TNJCjqmmost3Xp6Vau39UdKgNLuBzdEEjCpWGpOKCWY/yXpQOHNh62nb:pJzqwKsPBSzjCeKy6ZQOHNh68
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  1672  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  1672  AcroRd32.exe
  1672  AcroRd32.exe
  1672  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\401a756467c85c932a571a019ec031dc_JaffaCakes118.pdf"
  PID: 1672
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Downloads
Filesize: 3KB
MD5: 3efcf9d2d114b6fa63df46c0a25ac793
SHA1: b132f3258e540d02d2b24fafd5a64d1906d5bcf4
SHA256: 4bed58cc26d3d7dbaf32c52e52f994acb356bad1284d4fdc6ce40f7ce064a30f
SHA512: dd194dd3b5cff4c1f8760ec98992441ed8732908c88040b2648459130325b0b4b630cd980750194e72af9788cfe7c6bfeddf4dadc6efb0099158ca8811805802