Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

5

61470ed7e6...18.pdf

windows7-x64

1

61470ed7e6...18.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    15s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21/07/2024, 20:27 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    61470ed7e67af3e70ac42d179f4aeecd_JaffaCakes118.pdf

  • Size

    3KB

  • MD5

    61470ed7e67af3e70ac42d179f4aeecd

  • SHA1

    c9f22cab2c5eabb6334d72fd5b55c5a2303db585

  • SHA256

    428dcef55bb8ad15fbe735d91e287ea711bf9b6fda55cf753ad858baed9fad0b

  • SHA512

    b953404a8c62b1942365c4ad5109ab58ff6a76cdd9ff1ca7595e54aae07b5160bd88bf660cf16442ca0c3544b8af6d73e99512bba6cde97e692475e2278ed531

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\61470ed7e67af3e70ac42d179f4aeecd_JaffaCakes118.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3068

Network

  • flag-us
    DNS
    alkmad.com
    AcroRd32.exe
    Remote address:
    8.8.8.8:53
    Request
    alkmad.com
    IN A
    Response
No results found
  • 8.8.8.8:53
    alkmad.com
    dns
    AcroRd32.exe
    56 B
     129 B
     1
    1

    DNS Request

    alkmad.com

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3068-0-0x0000000003360000-0x00000000033D6000-memory.dmp

    Filesize

    472KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.