Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
07/09/2024, 15:28
General
-
Target
d24039c77c638efa6f9fa998070183ba_JaffaCakes118.pdf
-
Size
87KB
-
MD5
d24039c77c638efa6f9fa998070183ba
-
SHA1
1748a3e6a9ce0f993adfd1e10c204c303ec446c3
-
SHA256
9a38ac5ddc46457dc514d1036dae1ce90b76f8a8f3b507d8bd4812aefdc854da
-
SHA512
b9972858186a2b8031c0660b250a0fd0b07cf9587e92539a8af717d49abb819dc31a2cdf10dae5a3f43f746ad6ee902b7a1d826f8ae3b59c4bac54e2e0891746
-
SSDEEP
1536:ckPOQ143yUHGqv2EobH2tbhfw3m9QcEjgbaba/IV91EZGXWyR0/xIXKPojWYpOeu:dPp439G82EOH2E3m9OjgbabrV916GJ0/
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d24039c77c638efa6f9fa998070183ba_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5972b4089a94a6ece90f0c33ae2ff121a
SHA1ef1839e05f41dc56243b28c90f8140d05787234b
SHA256d38af8ce610587c59adbd762b65923690d2758f1abd37a1f739766fd973298be
SHA51229ccd87ad48f58e2adf482f1ba1e5d8f2ae52dbce956346c2c71351d532038396da680844bd702cf15bf36f699083c121b1e4879e623743a3a7550bcc4ac5239