Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
92s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
23/07/2024, 17:32
General
-
Target
688ad14aaa21b40814137249f2ddbd72_JaffaCakes118.pdf
-
Size
17KB
-
MD5
688ad14aaa21b40814137249f2ddbd72
-
SHA1
f71e347ec1baec154de8a70565ba4d275e4c75a2
-
SHA256
6cd09da5a6fd8e775a9e54540ac5724bb3352fe3ea345c885b0591e6d99afcf2
-
SHA512
54a55669b0873db177f61cd1035534e25783be1600a302321a7bc23ca9ccc8eb726b3f730c744924fbc1e18a7c8ff4c5eb89fb113ce40f33340d8fef6c1c6e79
-
SSDEEP
384:1PV1iHLWr45qnxpreztNw5Zr2ZT1eulUa/CUDOeje4tlZGGYhv:mLyt23ZEuXqUtVl+
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\688ad14aaa21b40814137249f2ddbd72_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD57c34181dcb5a8da2a75c1a002599f501
SHA1334e3e930c12c9e6aa7f60061e2f6411676d7936
SHA256f4214a0b34e32ce0952102e885a52debdcdc81e13da52548127f499edf6de665
SHA51251bc899830c3f45a97877b59c5648eace46f8343ce0916ce8bb728357ddf3d1b0729d879dbfcff7419d246bc134564ea31461a62f17db7692711a9e2f72c1bb1