Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
19/08/2024, 06:51
General
-
Target
aa03308f6e27339cf546256466a78122_JaffaCakes118.pdf
-
Size
73KB
-
MD5
aa03308f6e27339cf546256466a78122
-
SHA1
93c3aa1432b95b86c3ede99da4694b8456bcc1d2
-
SHA256
7d0259b413393b2511001d7193886144ac15247d5d8f903ee1e6673f166137c4
-
SHA512
38578f1e613cc5303b2f4993317da7471453a8eea7e8240cec15feac5797911cf8cdb376acfd8c3837cadfcbf9aa7f22cb097648b2c9f667a3c24466a0c2369b
-
SSDEEP
1536:F/6vguTf8GMEEbiuW2SWvbTy4SbdLircQlXLjlccGHWx/xspW8pO+i0SU:hoJPMRSubTQdLirP7juoqo+Xd
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\aa03308f6e27339cf546256466a78122_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5329d3eb97ec72c9a590a64b50d2ac329
SHA14ac2a6f839b91f231c29436f53fe1d3ad79d3705
SHA25674432a479d36f8612369b15a2ac525c102fd05eddd454476e750970173f51775
SHA5129586cdc0bae23b7e52156b44c32125c9e1a8570ca36f422e376bb8c073eaad6239d375daf3677907c9360bad0443c28a508ad307e06e9e5c10fcd2426772cf4d