Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/07/2024, 20:25

General

  • Target

    64ad919b46c33085c0eda9a61d47b3d6_JaffaCakes118.pdf

  • Size

    74KB

  • MD5

    64ad919b46c33085c0eda9a61d47b3d6

  • SHA1

    1db7863a2ba8bf6af1f1b47f0e46e62fe7dbe459

  • SHA256

    6a1620f80c0fcc90b98fc725f3c2775907802c6dc259040f7bb90f578059c037

  • SHA512

    f3cadc2fed5ea8296494a0e55b4e50c21028368953e2af7df34062bdd3d49a260aa1e1b5bd11886d1acd0a55ff6342e4e2b649c79d72bb99a2029a6c18db5c08

  • SSDEEP

    1536:RQvijcHFGbL03NyYM1Jv2tRyQas1DY9WV5ji7Ac38mEQUKr:2ocM0UJ1qyQHxBw18m1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\64ad919b46c33085c0eda9a61d47b3d6_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2240

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b72ab66a09ed6a0482776e6451fc3c62

    SHA1

    b335f0d772e7b4b2ddaa4ad6187cc3b1345542ae

    SHA256

    ffb73db17d61a5e3da3598a09194d7570926f7415c309cf80507fd4ed07a6e07

    SHA512

    d979835d525938815bb9ed2fb8fe48bb3ed1d558fd192b59cae94dfd873d597dfbf56132afee11bde6ebaf166a11d954a294bddd56befe86210875060036625f