Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
17/08/2024, 15:45
General
-
Target
a32439fc56d7608e7bb50d1c3fdbed17_JaffaCakes118.pdf
-
Size
72KB
-
MD5
a32439fc56d7608e7bb50d1c3fdbed17
-
SHA1
a07621ab3f223d530eb44666aebac79dd6b345f6
-
SHA256
45882adb5aff92b3b363df8328dae7ae674f5fcf08d84ef569c0ab3845127f74
-
SHA512
efcffd8418556faf393832cb36cd079a5038aa3d1c597be3547a3999d5f0f131c9a86a6aed7e6ec52d4177863a787afd2a70cb9178e14e3ba0f62f443f237f03
-
SSDEEP
1536:G0U/NbGZz0c9haYj0g1b25v5f2Evl9pr1/f1F5KZWbpONBD6wW0tYeMi1mvu:TU/NbEz0ETj0g85v5zlx/f1PKbN4+Bf
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a32439fc56d7608e7bb50d1c3fdbed17_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD52e05bf3bc1ba46fb1f9e453279e6bd2d
SHA1b0a28e80067fa32c443e4157e3f53df7d2827755
SHA2564f08b0168ef6e6216333305586abaf48b34db4407a0d9376789072898bf5b138
SHA512d988b0e49be66289e4780bd41d449ba36fc3ffa9d7b417052c5634568f22a64ee53a2c47d352073fb191ff2ecb77c6a4b410667a62a84cb88e37e45961af120b