Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
25/08/2024, 18:44
General
-
Target
c158cff8a81efba5126cf852bf452dc0_JaffaCakes118.pdf
-
Size
39KB
-
MD5
c158cff8a81efba5126cf852bf452dc0
-
SHA1
2ffcb6d19138ee8684ff64e5a0514cb2252ef34d
-
SHA256
1edc5ca3d3295f1a8d4ddad6b77bbef33ce2cf02de3a263820514d28d8eb57c9
-
SHA512
f560429f3a4a63560b726d36d3ef82b7a023ba4dcd12cc933d3121d421cb83af1b212228652b0eb7b0b0127b7931d19336dc5bdbc538c322907b4ef35a1c27a0
-
SSDEEP
768:jgGzpDFpqcME9iVUee0HLoijVCTRLo10EYFEJjGm3rdp9GxtjcVZZIm9:cGFBpqYhdo10EFJKm3rdp9GxtI2m9
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c158cff8a81efba5126cf852bf452dc0_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5df3bf2783a0027f01e3d9b781237faaa
SHA11d85ea733d31348e9af4ad18c5b0d9a136596bfc
SHA25672645f73d1eab31f20a532e11c0c3f85d41d252251ce9e9e7ff30d2a29236175
SHA5122a4b927146faf31ffeb8f0f3fa247ee55260854b740e36d2712d7a0ce6b15f6e056f34b47529ebf462c79a3c84490f9b214f081d1e45a66cff6ebf225ec625d6