Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
25/08/2024, 18:48
General
-
Target
c15a400b286661ba1dd6372aa3cf5c05_JaffaCakes118.pdf
-
Size
66KB
-
MD5
c15a400b286661ba1dd6372aa3cf5c05
-
SHA1
50eab16a57e37566b81fd2de62a905ee07491df5
-
SHA256
82a829dfbf9c6d3ceeea8181542a13e2536ec66195a9c90651129e538f1fa95a
-
SHA512
b37a1fa8ca549eaa16fdd596ac2da62e705767af8df9f454954f64e0cdc10a6858b0a8b344cb2a1e8bacbe75a9bd35efd13cb6930dbba6a1bc6b92deb6f1ce27
-
SSDEEP
768:rLZS+zp+OQJ/NT66M+MkTkHAgFFIMM6thHyT7OBdbRPuFhfQi4BdN9NfDMi:rLZHoZJ/vXrTkggF2Q5u7MbR2lowi
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c15a400b286661ba1dd6372aa3cf5c05_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD518c03525edfc93d9b51e9e0f400f96fc
SHA1480217b2bb1327903a8364958135b823fbe8f174
SHA2568ac0996c0cd6fbc302413826d5183024eab011c425fc50d01259c535e32080d7
SHA512157e25e5db399c29a7473554aa3152a8522cb165208cce32d8e58f48c2734e64e7b2e134c77f907b997f7befabb6fd1429764c1efc51b8ef71d9fc348ef2a549