Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
26/07/2024, 00:27
General
-
Target
71e1033b85d6dc4c1b7dcc5cf6c714f4_JaffaCakes118.pdf
-
Size
68KB
-
MD5
71e1033b85d6dc4c1b7dcc5cf6c714f4
-
SHA1
cbcb54f97b2d24ec8a3042596e50a03cfd82f9b1
-
SHA256
6602860a07b7185a79b1d4bb982c521ea7002acc57028a89e32468ef0ec47188
-
SHA512
f6c3efa12eb9a5032cc67dfc7bb7e3632f2c8e642f0a66f7d1b0f12de1c778849308f846f52c31af880de717bf0d8560d8c665064d3c7f7b483b5b053ba6c680
-
SSDEEP
1536:oTbTTRWjlYB63yesg+U9HBv7z6Euz8nIDNiW0YenB3js+3xEDo:WzRWxYB63yJ4hvv6j8ny8hnBXx3
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\71e1033b85d6dc4c1b7dcc5cf6c714f4_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5d3e00837d7bf0ef7de76ce9c4a9fffee
SHA194143c14fbd4acc15cc551ba6f5a129a270f62d6
SHA2568b26c8d0962d9a12eb86a24c3f11ec0d76c51c311f9f74a2754ee850ac0151bc
SHA512e1ca5bf6b7a0b66ccf042362a8876fb64559f7e82425638400f07bb68f9a37a9ceb50c8604d2882c085c926faab4ea902df09544587e4c478eb57d3b0d7fb7fe