Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
92s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
07/09/2024, 22:49
General
-
Target
d2fe79366a3d3f2bcefa039c8e63c654_JaffaCakes118.pdf
-
Size
17KB
-
MD5
d2fe79366a3d3f2bcefa039c8e63c654
-
SHA1
06d2e552226118eb221bce1905a429aecde037e3
-
SHA256
181295f7b445812a6a32e7dad3745e5ff47681851e15f73b77accdb0e42964e5
-
SHA512
9f9dc5543cad4730752e677f471394b735d0b9d056d31d1cc20fbf670cd777d5b06e95a766cd7732eba1a34a6d719870a0cd7f7029cbcbafc9d1b6c32400e3f7
-
SSDEEP
384:3PV1BXpkZAZejWVAilxue5f52k7TfoG8OKshbs6ac3M4DLEGt4EnGGYI:1MjWOilcezH8OKsh4rc3MILJtBh
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d2fe79366a3d3f2bcefa039c8e63c654_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD547dae608748816bde79f83f39ddc34c3
SHA17e04f982ea6a4f5d125fb6a3427218dbbbdb38c6
SHA256b764a43974427d6cd6045aa77eda484cd38e4f55ed9a050bd51d7f97053a6165
SHA5126d6a0ee873b4437d14f20de65a1c4f1ba2d159216a2b12ae0df05946524df4b70aec42e4c890e2d96464ae11c870fe61ca79b090286a1d1a0a415121611dba23