Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
96s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
06/09/2024, 01:49
General
-
Target
ce5f3f97f6e601fabf9454796be627b1_JaffaCakes118.pdf
-
Size
77KB
-
MD5
ce5f3f97f6e601fabf9454796be627b1
-
SHA1
4e6c31e3e6c443074179b8a7571994ddfcdc41ce
-
SHA256
73708370a3fb6f58ec4a9cc1a8730f8b2fbb12e82df862e74b37e17989966e8a
-
SHA512
09831f1a2348be49cff769a7c9fafeb76531709104465e7668f7a18bce56c6bf6084343a4cd7d239ce970886a44f110462185834ab565b9f57e900e016817639
-
SSDEEP
1536:TZPb1G1YttUwVEoHRwHlvbVufxerX9wVtqBWZFlXWApO6eWSwB/E4:dzPtUuEoKFzV6erX9+kBWHlW6rz
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ce5f3f97f6e601fabf9454796be627b1_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5b17a2608258e4b6e63eadd63b36be364
SHA13294686b60d54c5e97e2fcc4e702813785f0c382
SHA256c1d7f066493c89ce162dd0800a3d38d9bb70da12cb216f996abaad43e8ae5be1
SHA5122803f78bb757a979931dfdb45e3939aaf135a0532261b985a8e2dab1b016d877e304514ad31f6af8f82a6dfbc611b76fbd267655c6fd36cdc336f009da9f8342