Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
21/08/2024, 07:41
General
-
Target
b2a0f64cd6987c47279f0d149f2e4fb9_JaffaCakes118.pdf
-
Size
82KB
-
MD5
b2a0f64cd6987c47279f0d149f2e4fb9
-
SHA1
5044485a87728a14e68c941d79b426cbc180be72
-
SHA256
3b59078ed20a75b7602d87dacd5986be846ad119a52f2266e72b4a29dcb394d1
-
SHA512
0115e418809362aa5213cca18447a0035d8fba290ac50bfaa8cf699448de1a938d23722388c18d11404d03934e57b29e31ee8b8df4df7747daf9ae38a591e48d
-
SSDEEP
1536:qdYG9LAAKj+JSNDKrYIjPLygljIz5Q6PaW81mBlKBzK43WepOyxesxinq:GYIFUbYEEPGl5G1mgrUyJF
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b2a0f64cd6987c47279f0d149f2e4fb9_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5391c967bf04da90b65ea8405f8d9615c
SHA15872fa2f9a04c538d85f73375bac0afe10596ff1
SHA25637197a025b2a1cdc9032985829e53a1866f934037d6f623005acc735b805c7c1
SHA512d9b40bb00393c09e44bd65500f51f24cef6973c777192988c6ce05c726555530da80f84a50da727d260f6666c6ea01915edb7fe1e0d625da893a9b7838ea3d04