Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
20/08/2024, 10:42
General
-
Target
aee8496cab008f03386df68f04cf3631_JaffaCakes118.pdf
-
Size
43KB
-
MD5
aee8496cab008f03386df68f04cf3631
-
SHA1
ef0cf35813cc7a262e5dc5010e6063cf1e7b5554
-
SHA256
333b0f331bf1a75cc8d6cc801b51b972a2e0c83d55df1bcb14419e70b81f9c9a
-
SHA512
d623dc2e2c3686c13590bfd4b111e5871b3efd5ba289ec223f8dd81c9b1591b69311cd9c0c584df2176779964b7f34f78e088fb8364cc1f3142bd50247b2f767
-
SSDEEP
768:BSm9z+QYFvWYyrm13UjI4SCuyJfkYPlwIkWYFAe4TVD5Juc2rx:BSm9zXYFvWv6UUPYJ8Ykqe4RVsLrx
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\aee8496cab008f03386df68f04cf3631_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD54d10e7b506425f5add4969aa04e3af70
SHA11f98fde4412846551239ac0af0d97a1d1fa93aef
SHA25619aa0770f59890b69838dbb19887c9b6779ca28c23083e27ee842e53d5918400
SHA512433dcbae4810911d6b4f6f1d4fb9ba3c18ab11c6fc9641abf39007de4c9cc308f662c00552a3fedb6bc954b4e246b3e4f07ca1a816b34445bfe837bcb9cd7c4d