Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
10/08/2024, 06:16
General
-
Target
8513f1d0fec5b75faad1423f2db2e11e_JaffaCakes118.pdf
-
Size
37KB
-
MD5
8513f1d0fec5b75faad1423f2db2e11e
-
SHA1
efad02925d084c659047dc52a192c31bb49df0c8
-
SHA256
0d3ec49f97e8d74b616b7530161b3b75bd24f378aa80798c53bbacd9ecf5500a
-
SHA512
d4b4ed11ca4e6f199edb324f8777dc02d19f4fdb7a896871f4afb41da5b8b63b2b38a781a6af406fc563c8bfef8652373528d48c38355182fc057c6becef5e1a
-
SSDEEP
768:ES7ns60QzlCsWOW7v+01+paOc2eeLUiaw0vBw6cOq/OdfpI7OVCuunJa:ESb0AlCsibUpxppiTvBw6wGS5Ja
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8513f1d0fec5b75faad1423f2db2e11e_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5f972f5e1b5ce1486ff81e2ea35628d27
SHA1089cfded01f3c863e12c694775b9501c3a495670
SHA256223504c6e0f1d385b9a59a7cde4a0b4106bbede6a93ce5d9d88a53db45b41e42
SHA512ae484d27e97d7f63c7450076a17a5831f20713e631795e52fe2c2d45ab8f8442cf268eb7941e959211e187460fda8b405231017d38e67eb1395ad91e7b597499