Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
06/09/2024, 06:24
General
-
Target
cee0fcd614730f0b7ce316ece6c9f204_JaffaCakes118.pdf
-
Size
79KB
-
MD5
cee0fcd614730f0b7ce316ece6c9f204
-
SHA1
7443e9efb95ce03ad03ad40c981ccab49c441483
-
SHA256
33bbbcbf9715ac0ccebb8531a3f6122ccebe47c6baa5008d9b755b79aafbb887
-
SHA512
28c30d19a3e0200d80c8946b9e06da89e5c1fefe4fa2d55d1fe9e51fd71ab4b94f868cf712302ee57ae93049055e11bf870b61c66d53d4236b71b4f39a3bd0ab
-
SSDEEP
1536:ewbANivdf7jAr/s4IJNNAc2ecTUpjqBnzIB9WiflWZrYSEEQWlWUpO73Qp:L7jII9HNjinzIBHuY1EQWI7i
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\cee0fcd614730f0b7ce316ece6c9f204_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD593a04a63a29f92862c1f7de8f9fb899a
SHA18315afbb9207542a2a03545ab8122876441a875c
SHA2560766a698735f6f2f0833ee5cee9170c555f2b2a74b895c2ce3b4ab40ca030a20
SHA51235e1554d46715125e60eb5e7059f3721387b60c4deba532cf656b56d96dc1d04e7610065fd6fb464b1fa45c1fa29c930d589b43d1fa3020ec96d07b62844afe1