Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    16s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 12:37

General

  • Target

    49cfa73a76f04572d7c31f885045fa38_JaffaCakes118.pdf

  • Size

    4KB

  • MD5

    49cfa73a76f04572d7c31f885045fa38

  • SHA1

    21de706c1f6a7698729943ef5ff9e54953531130

  • SHA256

    e808182f9866ace0428f492c6a2b14d2867d71a91be0f1f4fd3acfb24434a2c0

  • SHA512

    b80069e8d7c8e446e149a87b63fcfb1032b71126d4670ac3e4844b3239f190b74d8397c89405e9c8ffde1de7226a105a495896ee894b1fb519ee084cca6b9383

  • SSDEEP

    96:rDg51RORkrqkYrxwIyrEEQ+YiDVMCJD2mwouUX64fx8scx8bh7ZMPytPG/5G:f+1ROqrqkYrxwIkEP0qC2mg4fx8C

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\49cfa73a76f04572d7c31f885045fa38_JaffaCakes118.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3052 -s 744
      2⤵
      • Program crash
      PID:2200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads