Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
22/08/2024, 06:39
General
-
Target
b6b1b09fd3e216594f9892fdaf4e5a8c_JaffaCakes118.pdf
-
Size
41KB
-
MD5
b6b1b09fd3e216594f9892fdaf4e5a8c
-
SHA1
fb7357985168bf3067a2f2f151c60ed984fa4a50
-
SHA256
6b2d685d30df49ab7c705de6f5c6060fc59099341e1671ee606b4f6e89b1e693
-
SHA512
7493af0b9a4279a42a1d6ca85afe4e0e0be29a07f615ed60b434caf2731ded167d5e53e9bfce6025f0c47564fd9f37a9e45b47266627f56c3b2dab1358542389
-
SSDEEP
768:mGyK8R2Fm0u6DQCaKFR2mJ7zFTAc4TXB0MXbSnGE5u11GRXvE56XuMZmwgCLWarr:mdKu2Fm0u6DQCaKFR2mJ7zFTtkRuY11g
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b6b1b09fd3e216594f9892fdaf4e5a8c_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD598b75ffa34b1dd4baa5288de53e91f60
SHA1836b506999e38de74b5350326be72bbf86f6a7b3
SHA256120714698c7e9e1fe0267a957b0715384945c8e1d2ea93173c62faa7078faf21
SHA512a9171ac5b3b22b150f65b3ce0b781ac963f34ec33608d3a36341fb708215678d0bd9cb44ec6c78a87371d7451096cc0db8e0022985e5604051ca8e384fe67e23