Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
07/09/2024, 17:26
General
-
Target
d276aa60763c07acb66ffa7e72ce6369_JaffaCakes118.pdf
-
Size
80KB
-
MD5
d276aa60763c07acb66ffa7e72ce6369
-
SHA1
f37c6cd764445a2ab1cf1f41e84a6ad5271b1cab
-
SHA256
97ec29614a5d5139d508f8fdcde57cacfad83ce1f0834cb5ba3061a17543f759
-
SHA512
a7e10383c43ed36a06d79acc17b3bfd17ff5f9420511022ed0262be6207f5d94cf5a9a0136acfb540df279f2addcb1ef74b7fb2073d90048ab346738e30fd6bb
-
SSDEEP
1536:ui6m3WGA/4DfT8dkqxQkSxzHPYhTXsOGCBD9WcHaq3eMuy6GSxTmLWApO613F:r6iWGA/4DfekqxQkSpHAhTXmCBDpuMuC
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d276aa60763c07acb66ffa7e72ce6369_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5a0b4ea9d574bc8cccabde68855996fcb
SHA126ae3c45e4ebc49689dc956301960641a404b5e6
SHA256929a4a6afd6765931559ca2f255e73bb6dec568c697840fa875184eaa230cf37
SHA51276390d6ba4cb17475f7971bc07abfb9c217d16a6798bfec7c3d890d57d235b8ddacb98d2762b967c015916d08965214e1c1b6a6abef17e143b677421f176acfa