Analysis
Max time kernel: 119s
Max time network: 120s
Platform: windows7_x64
Resource: win7-20240708-en
Resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
Submitted: 23/08/2024, 16:24
Behavioral task: behavioral1
Sample: bc77dc372c71a88636371f250acc1485_JaffaCakes118.pdf
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: bc77dc372c71a88636371f250acc1485_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: bc77dc372c71a88636371f250acc1485_JaffaCakes118.pdf
Size: 80KB
MD5: bc77dc372c71a88636371f250acc1485
SHA1: a9ffa3061c429c215ac99f1c1c957f8d522bdcdd
SHA256: 46675d50e11d5c4d722aefb05989f4769032efa72ebfcfea65db83ab46c96c5a
SHA512: f8003f91c6ec00d5a00fa8fe6a0f56e1ba29cd6b39f69ddcf70b0f763f585dc4c89446c6c84f57186ddc8139a0ade909188a4c6a75083d2972e757913dd78de0
SSDEEP: 1536:MBEg/9l7bzGptuC4sBRnOgtjkSBJc5TsU7qTYW6pOu26Wa99d1T3+CBDngK:Q/9l7bSD7BRn9kcquu2o99d1TOCxnt
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID: 1300
Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
PID: 1300
Process: AcroRd32.exe (3 occurrences)
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bc77dc372c71a88636371f250acc1485_JaffaCakes118.pdf"
PID: 1300
Signatures:
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 7d992089270b229fe656a27e3abd8582
SHA1: 780dfd0eed5973d9d50928bd12ae014506ef30e2
SHA256: f08530fbb1656a137104fd259994e51b124fd5c01fabeccc53bfc5af331ff690
SHA512: 06c2bc8f0e3d205c9c7ed02de25672d5ce907458d83d089cb52eca8d8a7ed82f2433d348256358d1bec37b854ea86923b2f0bc5548e65370a4a8611064cb5cc6