Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
12/08/2024, 04:24
General
-
Target
8d4e47149a6646c23c8bcb19dcd0ccb3_JaffaCakes118.pdf
-
Size
93KB
-
MD5
8d4e47149a6646c23c8bcb19dcd0ccb3
-
SHA1
14c5c6d53ea60b18028aefeb80e77fa7e566946a
-
SHA256
2527b5d65b32cb4ddda628096cc21ce2438d852169325a90f9de4552eefa98d7
-
SHA512
9848f1a0e5f8fc16075d84bbfaaf2151a317bfe5f0b3b7744f45bdc9dae73dbd688dc0defe170bb3c757ae8703b004005bf5e307d06ddc37e805bb0d91c96861
-
SSDEEP
1536:QjA5k6koVY87bl2lnDMe7LdrqpMArAw9pRnu8rAWzdp++6EWW09peyLwlj2CTWOQ:hm6koNBIj7LdWMArAwtuuH6ymLwt2Csd
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8d4e47149a6646c23c8bcb19dcd0ccb3_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5089318d8be3328712b163a87e2c0b786
SHA195b170b9f40f3f58d533ea3051d9e3627ec57654
SHA25625f348a7f98196f393942c387774fd76eb6fe356fd0482e15cecd4f127199f92
SHA512b66c9b50983243d001cdbee08cd9feb37e1f2c823a5d25fb337307e816964b5cc8d87c069f8e645819f21bcf885a0fdb398da77f49e99a4ff9f6959bc173552e