Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/07/2024, 15:23

General

  • Target

    46675759788a11424589713af709824a_JaffaCakes118.pdf

  • Size

    12KB

  • MD5

    46675759788a11424589713af709824a

  • SHA1

    b769e8a99640f0913f961fbd5e97eca61cb1f029

  • SHA256

    56e2a5abd08eaf75b93f9b76947b2c7bcd2ca74b17feb306dd6132a998d68982

  • SHA512

    1435315f7d447a67cc89da4da3c31cfb2cdbb9f162f59ad29ad0e2163aad7d10f68489e95f35174d5d4057254186710db40b3527b29de6c191d3a5c4954d476a

  • SSDEEP

    384:GPe4xLMULIGAXGBGB8fVNvjRRzpdcBc0daqiAZuYmkE+ll+XOoYaJkb:G26DHA2B08r9dpd2c0AsAahV

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\46675759788a11424589713af709824a_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2284

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    0757d70965964359a65211d2537d7c8a

    SHA1

    ac55787394b8f2405fe3fade8b2e625bf0a68ab0

    SHA256

    a204c4781e04b571eb03f4bc23b6fa0a4c0806efa34025b2c9408f840f1d078e

    SHA512

    e2a98229966d9c1e165cea6107a624aa3ecf8c8d59557b4a39895d51e200970ad6e01ef965807b610e2a5ba90de97e6b85a928bb0f4320285fcc5c2889f674db

  • memory/2284-0-0x0000000004200000-0x0000000004276000-memory.dmp

    Filesize

    472KB