Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
22/08/2024, 19:23
General
-
Target
b8d6a998d42092b48b982bbc8be17a81_JaffaCakes118.pdf
-
Size
95KB
-
MD5
b8d6a998d42092b48b982bbc8be17a81
-
SHA1
a0338b74808ca4c2f92c149ece872ca3e94b87b9
-
SHA256
52041c80aeed64f8a6fdd129ff87eef6efcb6a0c8dae0d2cb7b7c81b5ed601fb
-
SHA512
1ce773a27d08e1baad3d44b77448da1a5d16d885c321bda073978946eac698bd33b2a5b7cd27496c9dbe4ad48815101ea7729b353311c30b3d99434b53cf5717
-
SSDEEP
1536:qfosRF3tL9x0MvtYuB8ztla7LC22pRu9siacNeafMY+HIuryWSWqQ6Mw1cpMhWcy:+oAl2HaWl6e1pRssiaaHMYe3r0Qjw1Uz
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b8d6a998d42092b48b982bbc8be17a81_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD54e14e8996954e287e273bb777439161d
SHA118badf7f95a24d8486f9facbe5248ddc4d2b8bd1
SHA2569fd80f6128180ad42009ba91d1dc8e4a5f3a165920c73d49d69622c8cdeba1e3
SHA51277c278663efb81cd139beb21e92e26331dd35aa88a64e211cfbb4b12e70bbfdc905de5dc4b4b9d86e4635fe1353295912bb27c0058ea269adcf75a204ac78a6a