Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 19/07/2024, 04:45
Behavioral task: behavioral1
Sample: 5a8427d82d75bb6e0a5663903c260b90_JaffaCakes118.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 5a8427d82d75bb6e0a5663903c260b90_JaffaCakes118.pdf
Resource: win10v2004-20240709-en
General
Target: 5a8427d82d75bb6e0a5663903c260b90_JaffaCakes118.pdf
Size: 76KB
MD5: 5a8427d82d75bb6e0a5663903c260b90
SHA1: bb0d592064958622c19b6daea3d797c204c9e59d
SHA256: 1daaa15aff5cc15e6f00aed1b4a95b567faf92b2f8c108c6409c9671c1f082d9
SHA512: 700f20d74e0afd1f3aa8ca12d8cf1cbd5cc2ede0f87813485984553e2a11e9805cf1547da82b78452dcc1739a623f4e04c953cc95b59137174f0713043cba670
SSDEEP: 1536:dGYok+oJ5lJycuC0McSGHWDG+kGmqXHZvWzTh7UxpC4BW2pO2wmB:qkzBJyVMbphmqX5YThUTC4O2x
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid  Process
292  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid  Process
292  AcroRd32.exe
292  AcroRd32.exe
292  AcroRd32.exe
Processes
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5a8427d82d75bb6e0a5663903c260b90_JaffaCakes118.pdf"
PID: 292
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 774ac1f88b9d8c78a8a80130185b5883
SHA1: 8ed05d1b3584e86d47794d52b630977211dcb4d3
SHA256: ef68821002b69d326a070fdb0ad55f3ac241d41aa925776e503d25d3e5b906c6
SHA512: 4a016867b16d85c08fbd38bc119e9df0e83f45431d328134f02e3224e77baa1006e45e6d441fc065f0ef3491a9c0901eb97802345bc1f1e7226178f849a02b3b