Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
25/08/2024, 06:57
General
-
Target
c0308e4745e32f644713633138c38194_JaffaCakes118.pdf
-
Size
43KB
-
MD5
c0308e4745e32f644713633138c38194
-
SHA1
21c17ba24459d191efb2dd327745b7f0151ae8bd
-
SHA256
eb6a739a35e779981c9f0a15e5fdd4b7c03626c6d51e1cba8ab60e6f4b1ce91a
-
SHA512
378094896c812522047af379c7f65359f57ef4acfd08ee795e26613bb3abe07d709a965ddd3f72144f4dc3fb21d47a229699c31f452a4679d1cd6ef43f172437
-
SSDEEP
768:5gGzpD4pyfT+vbXc/12QwXruB5x8T8yBX06rMk2boEnd5x5Wru8CVqYgByYC0bXl:6GFMpyN8AGk6rv2bFpWru8ZYgBPbXeq5
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c0308e4745e32f644713633138c38194_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5343096155561c3185dbbc6967c57a69f
SHA1f5ec823df2d73b292c93e51ad24def8bd43b7e82
SHA2568070f1aab4f90db4589cdce54f5579b15b260d603af8885d9dc9c9c1eaabdc14
SHA5121061f421d89320ecdcb92a4f9bb85094ba76fd9397421a084dc35a89296c8b2728169b8476b3073924e3a15f77d5d68575526f83c02ff1614f0cd99d6e088d53