Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
22/08/2024, 19:34
General
-
Target
b8df8fd42830f0c8f23b9b924c60ab16_JaffaCakes118.pdf
-
Size
95KB
-
MD5
b8df8fd42830f0c8f23b9b924c60ab16
-
SHA1
58af2a84d975ba1309f1a5d0e4fc0a9b7c5fe801
-
SHA256
71844c4d44c7607de75314612bcdb6e34e38f435c097d2e0bdea2bf1e6219db6
-
SHA512
18b8bb22d95dcb98d61f886095a89a0fb2d948f4baa403345dc5db3adefc4169175e17240d118cba65208f6063572fdabd36881825740e4b797389f164fc6954
-
SSDEEP
1536:FqOB+heSrtxyD0WtAHzVFqyU5Iia7G4Dcsjo12KCKOFS4fFRS/W9IGlIQ4f5:ZcyD0bPUnaOuKOFS4jSyIGlIV
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b8df8fd42830f0c8f23b9b924c60ab16_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5c420ec76166fe12c407813c6d3afe54e
SHA1294d1168f7ce1d36ae8e80f944363aefda0315a4
SHA2561ebd55f4f5132ffc771c53c9d15259c4c839e9bba657c495572c6d01c7084366
SHA512fd52f9227fe54b71aceb5b9cd5b3975b9c538a47ebcb34c6e819c09d3988355ecb438681e2bc08769e53fc5930d716ab2aba9f789083cbb5f82103932b7e317a