Analysis
- max time kernel: 122s
- max time network: 127s
- platform: windows7_x64
- resource: win7-20240704-en
- resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
- submitted: 17/08/2024, 10:45
Behavioral task
behavioral1
Sample
a23a4e25a50911e8d5907d3b10c680a1_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a23a4e25a50911e8d5907d3b10c680a1_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
a23a4e25a50911e8d5907d3b10c680a1_JaffaCakes118.pdf
-
Size
46KB
-
MD5
a23a4e25a50911e8d5907d3b10c680a1
-
SHA1
9a658e3646360f75f2a837169d2c8f3b28c9119b
-
SHA256
3aa4644f07d7e0ba853917e30154d0dcfe1276abf145b07ec3dd1edec023dc3d
-
SHA512
67f63752a6ea941f84e7f1857b94ac150c9e7d048b9960af0bb26c583f2ed795bb3aed0278f910ae6337da3e9577f198e564cd621e77ade3a2ea0455a097eea3
-
SSDEEP
768:zT9floCQcTPo6iLYe3C6r7TEPhPvxfYiwccxbRh:zRtoLcTPOLPLr7TEPlVNwrh
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid | Process
2816 | AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs
pid | Process
2816 | AcroRd32.exe
2816 | AcroRd32.exe
2816 | AcroRd32.exe
2816 | AcroRd32.exe
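The System Language Discovery signature above fires on a single registry open of the NLS\Language key. The following is an added example (not code from tria.ge or from the report) of how a triage script can reproduce that verdict over event records shaped like the report's IoC table, while folding the aliases a rule of this kind has to tolerate: the kernel object path prefix `\REGISTRY\MACHINE` versus `HKEY_LOCAL_MACHINE`, `ControlSetNNN` versus the `CurrentControlSet` symlink, and case differences. It also ignores writes to the key, since a process setting the language is not performing discovery. The event type names and all records except the first are constructed for the example, and the sibling `Nls\Locale` key is included as an assumption, not something the report shows.

```python
import re
from collections import Counter
from typing import Dict, List, NamedTuple, Tuple


class RegEvent(NamedTuple):
    event: str    # sandbox event type, e.g. "Key opened"
    path: str     # registry object exactly as logged
    process: str
    pid: int


# Constructed records in the shape of the report's (description, ioc, Process)
# table. Only the first mirrors the report; the rest exercise aliasing, a write
# instead of a read, and an unrelated NLS subkey.
SAMPLE_EVENTS = [
    RegEvent("Key opened", r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language", "AcroRd32.exe", 2816),
    RegEvent("Key opened", r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0", "AcroRd32.exe", 2816),
    RegEvent("Key opened", r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language", "WINWORD.EXE", 4120),
    RegEvent("Key value set", r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language", "svchost.exe", 900),
    RegEvent("Key opened", r"\REGISTRY\MACHINE\SYSTEM\ControlSet002\Control\Nls\CodePage", "explorer.exe", 1440),
]

# Hive prefixes as written in kernel object paths and in user-facing tools.
_HIVE_ALIASES = {
    "\\registry\\machine\\": "hklm\\",
    "hkey_local_machine\\": "hklm\\",
    "\\registry\\user\\": "hku\\",
    "hkey_users\\": "hku\\",
}
# ControlSet001/002/... and the CurrentControlSet symlink name the same key.
_CONTROLSET = re.compile(r"\\(?:controlset\d{3}|currentcontrolset)\\")

# Keys whose read indicates language discovery (T1614.001). The Locale key is an
# assumption added for the example; the report only shows Language.
LANGUAGE_KEYS = {
    "hklm\\system\\controlset\\control\\nls\\language",
    "hklm\\system\\controlset\\control\\nls\\locale",
}
# Constructed event names for read-type operations; writes are not discovery.
READ_EVENTS = {"key opened", "key queried", "key value queried"}


def normalize_key(path: str) -> str:
    """Canonicalise a registry path so aliases compare equal."""
    p = path.strip().lower()
    for prefix, short in _HIVE_ALIASES.items():
        if p.startswith(prefix):
            p = short + p[len(prefix):]
            break
    return _CONTROLSET.sub(r"\\controlset\\", p)


def find_language_discovery(events: List[RegEvent]) -> List[Dict[str, object]]:
    """Return one finding per read of a language/locale key."""
    findings = []
    for ev in events:
        if ev.event.lower() not in READ_EVENTS:
            continue
        if normalize_key(ev.path) in LANGUAGE_KEYS:
            findings.append({
                "technique": "T1614.001",
                "process": ev.process,
                "pid": ev.pid,
                "ioc": ev.path,
            })
    return findings


def iocs_per_process(findings: List[Dict[str, object]]) -> Dict[Tuple[str, int], int]:
    """Count IoCs per (process, pid), matching the report's per-process rollup."""
    return dict(Counter((f["process"], f["pid"]) for f in findings))


if __name__ == "__main__":
    for f in find_language_discovery(SAMPLE_EVENTS):
        print(f)
    print(iocs_per_process(find_language_discovery(SAMPLE_EVENTS)))
```

Note that "Key opened" is a read, which a sandbox hooking the registry sees but Sysmon does not log (its registry events cover key create/delete, value set and rename); on a production host the equivalent source is Object Access auditing on the key (events 4656/4663), so the same normalisation applies there.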
Processes
-
- Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a23a4e25a50911e8d5907d3b10c680a1_JaffaCakes118.pdf"
PID: 2816
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
- MD5: 020da78229b067cc7a9524cf5ddaadf9
- SHA1: 96ef77f29b436673b61d4a9681e0b7b229ceecef
- SHA256: 2afc8434f8daf6093812406bc061c2a709fec2654c4269366c65fede6241ed4d
- SHA512: 6084dcf3c5ece0efb5655234e1aa4171574c0ff0fe6764a63351d745ad281a53ab54d159208360226245bd3b42bbe91ec507aa70f875d26d8d2bd3dd1ab66e1c