Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
08/09/2024, 08:11
General
-
Target
d3ea7a14230faef0facfb7d0532a9e18_JaffaCakes118.pdf
-
Size
91KB
-
MD5
d3ea7a14230faef0facfb7d0532a9e18
-
SHA1
ec273e44f2870c1b78d2496b4062618672360cce
-
SHA256
aa4c72478cb3508e2d0b5307c481c1a2cd5cd58288fc645bc98461805252fcab
-
SHA512
9fa6067b5b5b371829506ee1f293b7e3a57026805ae296770f9010f5b2868e1abd9ec467a84d3d403e547a8fcefb9cbd09c35503940110f9a4f58ba2b59ed39d
-
SSDEEP
1536:vCenyUdd2ICfPqv2+mZAMgoyL+oYOQMEOrOmVFlHKLMbteeWxATceJQGW8pO7XuK:5npdc1qv2+oAMgobo5nDlNQoteUcIQlP
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d3ea7a14230faef0facfb7d0532a9e18_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD51dff2fd8ea3975e7f77e89cc5c49e45b
SHA1828ce1f666ce5f23a008175ebc3ea1c5e5b637e3
SHA25693242a8697cd1993cef9d8991cfbdd753af3ab674a1bbc9ef3c2e09e9e3e6188
SHA5122d502c4a1659bf7c00dc7bb58bb40795ba3ce49f71ffeb34619087f978284e8433d4601c9785564e10f19b84d7564b2b301b1ee40ee79b2ede76054501f7887d