Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    07/09/2024, 07:01

General

  • Target

    d157ff01f873dc951d3b79c708632c3d_JaffaCakes118.pdf

  • Size

    88KB

  • MD5

    d157ff01f873dc951d3b79c708632c3d

  • SHA1

    f885e7e4ddf9a3e8401354388ad02ffe30818add

  • SHA256

    e368c984e3c13133f6dabd55aab923eb84c290fae0f8824f5247bde347487248

  • SHA512

    0d5ca00f57a7a0e502fad2b16783cd9b4a5a94c94590e12b7f233ceaf91dc8a9c27a737e86bf859d84e3b459b6efe8efd095b0c13f2034b226159460a1198bd2

  • SSDEEP

    768:Dg/gVF21VCV7kjubK33rTlLfy4BE2BXC4VkplsjnqRMJZN/3:L2WG

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d157ff01f873dc951d3b79c708632c3d_JaffaCakes118.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2124

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2124-0-0x0000000002860000-0x00000000028D6000-memory.dmp

    Filesize

    472KB

  • memory/2124-3-0x0000000002130000-0x0000000002131000-memory.dmp

    Filesize

    4KB