Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
20/08/2024, 22:15
General
-
Target
b10cc89a95e942efc3257ab6d3707b73_JaffaCakes118.pdf
-
Size
79KB
-
MD5
b10cc89a95e942efc3257ab6d3707b73
-
SHA1
59c98968286c06ded7ad2b80fa47ccad60ebce32
-
SHA256
588e0a2c9d50c1dcb31c84a3c57412c740e0a82d33cbec898ec4edce11589303
-
SHA512
b5c24b2c1a9e067c8767c07d0ecfb6037d9a5530195ca60b6c087872bc4ef74f6bfe8a74217389726a8bca632f7f6dc0f3fdab2ba0ab8f4a76b168f69d3b3eb6
-
SSDEEP
1536:OGQH9reX2H92hc1v1VvK5lIUpu0iy9TjRAnPWLPaYXWhAfhoerSOW8pK:4H9rAK1v1VS5119TlAnkPa7Sf2erS/
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b10cc89a95e942efc3257ab6d3707b73_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5758241452d91869983c31caa0f822588
SHA1fec3dddfd3a57172f6657431173ef9f40babda00
SHA256aa403816f0ee84f2b54c4dfe1af2891615a66d39b1dfe7606c4cacd3bc58c250
SHA5122d6fd7a5240e7c984d82e179500a2c253e29a57a6b6fb56a906f9032f329c72e7132c5f24bfa87ec83200c8c2cc5dcf4756b356706af47b0da1c335621669a57