Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
06/09/2024, 21:27
General
-
Target
d07bea8a6e9da96f4b3bb9ded4ca7acd_JaffaCakes118.pdf
-
Size
44KB
-
MD5
d07bea8a6e9da96f4b3bb9ded4ca7acd
-
SHA1
beb7db38e95816d31aa782f6447b459a65d37eaf
-
SHA256
137549c429e4899d23bf799b9a2cd1700f52ccea61eb81d60842107af963eb83
-
SHA512
93523ac99b41a21fdb137412a9377ff12079d14261c7b14eaee59af5f94865817b7060dfbff1a10aeafff97601a66d1530d095dd5b82b71028c17dd0b7efb339
-
SSDEEP
768:9BdS9tftTJ58dpHiVIiC1KPyV/GUmFu7DQKatFm2mJybc1d/TLqZsnTxInwcgj4N:9S9L9uiVIiC1KPyV/GUmFu7DQKatFm2L
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d07bea8a6e9da96f4b3bb9ded4ca7acd_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD57018310f9d450c720ee97589f22f955e
SHA1b049e35e3d71db9d3158b70be69073e14ee856e5
SHA2564cd12fc92c80a5c6ed7b87ca271fca5fe250eccd6f9f61ddda4a40166cd7ce68
SHA5126d90f4da174c4e005973317c5a94291a6fee9997435b5a451812c81eb4a00ed45bfd7b27948f7de99f450e2c21b6f764b3ac7c66045eb892fafa1a11c7994a63