Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
96s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
24/08/2024, 21:40
General
-
Target
bf77f4672b45034663a7d7eb0a6e54d5_JaffaCakes118.pdf
-
Size
91KB
-
MD5
bf77f4672b45034663a7d7eb0a6e54d5
-
SHA1
78637e3883d313a738a34a56b8fadcc62713d042
-
SHA256
8567177554815997ce04d1bd349ebc515ebd307bcd2483f6869593d471696bf2
-
SHA512
990cd8f996c1984d73a5e369eb8daa350e1474eebac5300d42f2142dd5289612aff0def4cdf9ec9ab0506528d7f011fe892edbca5abca3cf597bc745aee1fed4
-
SSDEEP
1536:PKPs01DhPZVRBdzPImHnswjL6K94ZAOUZu2KY1IWrKqPDNb5WapOtQSWa62fk:msGDVbBImHnswjWGf4239KqL9WtQSR6z
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bf77f4672b45034663a7d7eb0a6e54d5_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD501736b9d2e30ab538fb366dd6f30d594
SHA1f1e4b265926d3892329a822c79359ecc5b70836b
SHA2563520fbabc60dede830b427113d38a253df450140389b2a78d5d177a1e63f3b8b
SHA5128c3016f5bf3db4a741a885bccc53d19f3cf429634b2b759e52705252817c2edb63a2ba1399d9768f1d2f4636058bf666213130c7cb5d368ccf09aa6d829490d5