Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
91s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
14/08/2024, 11:00
General
-
Target
95d213c76efd21118e03d28cf69d03e4_JaffaCakes118.pdf
-
Size
31KB
-
MD5
95d213c76efd21118e03d28cf69d03e4
-
SHA1
16c7aa807e71bc47089736cc6fac05e7d49f345d
-
SHA256
8955597d8e64962de72aa957c3ad8a7cae7c525cb4f93aaec86617fc91a41768
-
SHA512
705a0cfc36955f53815485d4e30c0ab26303eda7047328bfbe8a19f01815e2ce84dac6e49019068e75eab2e73a84debdc899ee3ae50b77bcbe684325c4c27306
-
SSDEEP
768:IXuMZmwgCLWar7NG3URUIyf7I6pTiGuwlW//B4PmA:IXFZmGWS7NrUIC7I6pTiGuwlW/ZymA
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\95d213c76efd21118e03d28cf69d03e4_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5e5ebf23ba468423bc18f8b5000a796df
SHA1ad8002d3a9d7202a9b569351dfa8b73758e04519
SHA256cc7b49c3aa73ac2a1bbe8a8d6473b573abdc4e292a199e21636eb7682184c02c
SHA5122242ed5f3d4c7aff1b5da3cf4d09f658f2374b1956ccbe686eefe1e979cafe42bfbbd0d876d98e4dbf7e1166264ad6f1c7a8db06639459de62ba1b6865adf2e0