Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
06/09/2024, 10:31
General
-
Target
cf574b108e5c84aed54a9e6386f7bfd1_JaffaCakes118.pdf
-
Size
35KB
-
MD5
cf574b108e5c84aed54a9e6386f7bfd1
-
SHA1
3967c111550a8dd01daca1b187433a03415532ae
-
SHA256
0a1d38bb360986bd563cc5ccf3fe16c3a3ff1c3824c8c1a501ef08ba75364060
-
SHA512
6fc1ed7904acb7a1dd39c6e38a103cc73ff3cf99337ee88fefc63e9784ba9130e95e26e09a8e6867974a788b78ec3377720cf1c18469bd8e6b4e550da871d6af
-
SSDEEP
768:BXuMZmwgCLWarR539pYaFM9RfPf7SSiSSHzksDRqcn90ufKv4:BXFZmGWSj7YymRf37SSiSSHzXscOufKw
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\cf574b108e5c84aed54a9e6386f7bfd1_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD543e34a230f9cfbd902c003a2cc4ad43c
SHA1e7c90b87c3448bb2d01442f154cb5d3d4390ab66
SHA25653de9ae5768d3f6708ace23ae7ca56b17e6bab884e2281dea61b5ccb481a823e
SHA512654e2c58c482dee5ba35682ed1e866cf59361248ee3af9c1439066ee743c35332992ee6f87efdb09e0bf3939e982cb1ffaa2b1973bdf8f70755a1e09b36ce858