Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
26/08/2024, 07:49
General
-
Target
c29125518a9166db5f3d7e07293e55a4_JaffaCakes118.pdf
-
Size
54KB
-
MD5
c29125518a9166db5f3d7e07293e55a4
-
SHA1
afba1453a42b4e94a45417e5e9585103b3036eff
-
SHA256
80befb222be9aace0f7c65c5cba8f6264a853426798a94276b5d993c571474d1
-
SHA512
cb2dcc53dd876bdc9494c858d1124c742383f58ecb30e4c9e70b37bc89aef41b7654985f13e89850305ac3353e9f54330403105442fa2edc39b4738faed52d37
-
SSDEEP
768:pgGzpDOU2cItXy8L2N4N5tOnpcWd2KUNN17jULHtaucpf5wKsbaMF7drBB0Z:KGFCXOnToKUNN17jUxtcnwKse8BrBB0Z
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c29125518a9166db5f3d7e07293e55a4_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD503966f581c10353124a7d03cc5f347e0
SHA1bc7727b8a492a5bb6ea2ff9989cc76f8a539b9ce
SHA25691bf11072af57d8a371903955ed2c84ecaf9f471f15e139aeb86b9a5d21fed75
SHA512386cf8dec089da45a0d78d8f96f4e420f96c61b3ab622541a6a19931c0111300003cf2a19b937c2b31475a7d772fea661506a25e984579f963d2aa79c11f7b58