Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 16/07/2024, 09:36
Behavioral task: behavioral1
- Sample: 4dbd4efbc425ae3c1b851ab1cf9669f2_JaffaCakes118.pdf
- Resource: win7-20240708-en
Behavioral task: behavioral2
- Sample: 4dbd4efbc425ae3c1b851ab1cf9669f2_JaffaCakes118.pdf
- Resource: win10v2004-20240709-en
General
- Target: 4dbd4efbc425ae3c1b851ab1cf9669f2_JaffaCakes118.pdf
- Size: 82KB
- MD5: 4dbd4efbc425ae3c1b851ab1cf9669f2
- SHA1: ccd19c627cca4775c16ef8a0c1068c6c7811011c
- SHA256: abe3185582e9fe2bebdcaf84188ba1fe786e6bb6614b72d785d0a351b25420d1
- SHA512: 88de8c86449902a662ae953ffa5feefde4a62830661da04e17d5f7cf1301e1104630800af5de958922bc41526e2739e67d069d9c6aaaceb8e6dd23813c870617
- SSDEEP: 1536:ao4oSmk1S/khGniiZTCnsbwCR6Vn3T20AbQvmWQySVgsktfQAZKkDW8pO7DGJlzt:Z4o5CsXaswC2P+ySVgH47ku7DEh
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2276, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2276, Process AcroRd32.exe
  pid 2276, Process AcroRd32.exe
  pid 2276, Process AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4dbd4efbc425ae3c1b851ab1cf9669f2_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2276
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: bec4460f219480426bdd4e8817a2bf79
- SHA1: 3ed0210860e64c3026e61f913686c3397d47e3ad
- SHA256: b5e6d2bf7af50549b1164b17e6a2e12c2ba4dcfb1c6aac468794cc8d76080509
- SHA512: 08c34df9eede51ce3c0c0a4e0d90df3ae62f4028167348b5777a0d434a700707e0406635cb439103a1c8fc9c312f56f539d761b8fc612e67710a1ffb9d276f6e