Analysis
- max time kernel: 120s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240704-en
- resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
- submitted: 22/08/2024, 17:35
Behavioral task: behavioral1
- Sample: b883736f22c1117f0464ea534f005bb4_JaffaCakes118.pdf
- Resource: win7-20240704-en
Behavioral task: behavioral2
- Sample: b883736f22c1117f0464ea534f005bb4_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: b883736f22c1117f0464ea534f005bb4_JaffaCakes118.pdf
- Size: 78KB
- MD5: b883736f22c1117f0464ea534f005bb4
- SHA1: 852b84cb5d7f22094ff3f470440f70ffecdb2c0d
- SHA256: 0f4c8a5901e2c9002d5be2d8b0c6eac123eaf255850fbd9ff12d84df5a796915
- SHA512: 44366649e5aac856851cfe7281e1ffd3d881c9546cfff147449df11372ce4f9e32bd31f42daeac66b2685eab51b1c16d50a09ad4e536fce8c280a3292ec0e535
- SSDEEP: 1536:p0TXMaqYDQVSdBLPDQAri0bkEqXbHaWCpOVigI60WTjDVaNItX9+lmw:LaPKiLRRkEM3Vig5/jDVd99M
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2092 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2092 | Process: AcroRd32.exe
  pid: 2092 | Process: AcroRd32.exe
  pid: 2092 | Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b883736f22c1117f0464ea534f005bb4_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2092
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
- MD5: 62e38570bcf5706d3c72d08ea86d7bfc
- SHA1: 438ae88c80905d2cecf425319ccb39f6557fab2e
- SHA256: 281ef218346f9dfb425c75315779fe160ec559c3925882973a9200d0075d11b7
- SHA512: 94f39c5b2fc016d23bcd450ffd51b165e0c866096ef73199f554b345bad577f161d293f795bac44a442ec8d4524ad92aa1f76cd8534a2ac130ed1a078945f019