Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
09/09/2024, 06:25
General
-
Target
d5c804cc00f3a724f274e6241f5a4d46_JaffaCakes118.pdf
-
Size
184KB
-
MD5
d5c804cc00f3a724f274e6241f5a4d46
-
SHA1
3aa56b1d41b7c460cf304e160aba821ee9251760
-
SHA256
cbbef523795ceeaf29a5cfd0df648c9906c94611bc9bb24186250ccdbe0a0490
-
SHA512
f8cfda81d779b6d9943e548f29ccd50d0a6e4b70bf7d9ec1b7549063baeee786e588e22a0f53d1556c5eb956bdfd0366152f4e60873d451d52cd9f059a97fbb9
-
SSDEEP
3072:A2irbxzGAFYDMxud7fKg3dXVmbOn5uU6Kjnb/iIn3yV8kWhXCSVHLKhKSu:A2MKlWQ7Sg3d4bOJWIniIVt
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d5c804cc00f3a724f274e6241f5a4d46_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5c555132f02c1392b94dbbc9e6a6b9894
SHA15eb75215d5ca4088a87bf4f15d65d75589019601
SHA256dd3215eec7db4a35314b6863af17290c5ec43b3834580ca4f630313a92a88566
SHA5129f01bd7bffe93f6d81a0063c6bceb070c6066fe48a478b778b190368853d6a549f874eb1ae17dde0d419d1d59045779f65510ab730d4f1df648841c47660dcde