Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09/09/2024, 12:34
Behavioral task
behavioral1
Sample
d65224ec38ebe3a6f4c1c4fcb8a4f4db_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d65224ec38ebe3a6f4c1c4fcb8a4f4db_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
Target: d65224ec38ebe3a6f4c1c4fcb8a4f4db_JaffaCakes118.pdf
Size: 80KB
MD5: d65224ec38ebe3a6f4c1c4fcb8a4f4db
SHA1: b4663e9ec2cb65c239b55c8b678db255bb49ee16
SHA256: 09fc4a4ee20a231c70559c65b1bf83fc5c5c8a51e8719a941203a54905227f73
SHA512: 7b73e76698e76afc24abc53f6a1a6370e8d9e4a13a5377c77428b9b61ef4bb2af7d97c2a08b77c44e0ff824734e20b4a68c36f2b8fc71f35987f1c29336fd378
SSDEEP: 1536:hfi5k4A9MNCVynzbUJ0gT/LTPm2x2AoMWOpOwrOu9sxwWc0l5rMo9SDGv:avAzyPUJTTTPmC2lpwravZgK
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid | process
2280 | AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid | process
2280 | AcroRd32.exe
2280 | AcroRd32.exe
2280 | AcroRd32.exe
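The three signatures above are behavioural heuristics, not exploit detections: a single open of the NLS\Language key is also what any locale-aware application does on start-up, so on its own it is weak evidence and only becomes interesting in combination with other behaviour. As an added example, not tria.ge's own signature code, the script below re-implements the three checks over a constructed event list shaped like this report's IoCs. The event tuple layout, the GetForegroundWindow spam threshold of 100, the registry-path normalisation (kernel-object and Win32 spellings folded together, ControlSetNNN mapped to CurrentControlSet) and all function names are assumptions made for the illustration.

```python
"""Re-implementation of the three behavioural signatures from the report over
constructed sandbox events.  Added example; not tria.ge's signature code.
Event shape, thresholds and key normalisation below are assumptions."""
import re
from collections import Counter

SIG_LANG = "System Location Discovery: System Language Discovery (T1614.001)"
SIG_FG = "Suspicious behavior: GetForegroundWindowSpam"
SIG_HOOK = "Suspicious use of SetWindowsHookEx"

# Matches the locale key once the path has been normalised (see normalize_key).
LANGUAGE_KEY_RE = re.compile(r"\\Control\\NLS\\Language$", re.IGNORECASE)

# Constructed events: (pid, process, category, detail).  The 2280/AcroRd32.exe
# rows mirror the IoCs in this report; the explorer.exe rows are a benign control
# that opens the same key once and calls GetForegroundWindow once.
EVENTS = (
    [(2280, "AcroRd32.exe", "registry_open",
      r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
     (2280, "AcroRd32.exe", "registry_open",
      r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0\Installer")]
    + [(2280, "AcroRd32.exe", "api_call", "SetWindowsHookEx")] * 3
    + [(2280, "AcroRd32.exe", "api_call", "GetForegroundWindow")] * 120
    + [(1408, "explorer.exe", "api_call", "GetForegroundWindow"),
       (1408, "explorer.exe", "registry_open",
        r"HKLM\SYSTEM\CurrentControlSet\Control\NLS\Language")]
)


def normalize_key(key: str) -> str:
    """Fold the kernel-object (\\REGISTRY\\MACHINE\\...) and Win32 (HKLM\\...)
    spellings of a registry path together so one pattern matches both.
    ControlSetNNN is mapped to CurrentControlSet on the assumption that the
    sandbox's numbered control set is the active one."""
    key = key.replace("/", "\\")
    key = re.sub(r"^\\REGISTRY\\MACHINE\\", r"HKLM\\", key, flags=re.IGNORECASE)
    key = re.sub(r"^\\REGISTRY\\USER\\", r"HKU\\", key, flags=re.IGNORECASE)
    key = re.sub(r"\\ControlSet\d{3}\\", r"\\CurrentControlSet\\", key,
                 flags=re.IGNORECASE)
    return key


def run_signatures(events, foreground_threshold=100):
    """Return {signature name: [IoC dicts]} for the given events.

    foreground_threshold is an assumed value; the report does not say how many
    GetForegroundWindow calls tria.ge treats as 'spam'."""
    hits = {SIG_LANG: [], SIG_FG: [], SIG_HOOK: []}
    fg_calls, hook_calls, names = Counter(), Counter(), {}
    for pid, proc, category, detail in events:
        names[pid] = proc
        if category == "registry_open":
            key = normalize_key(detail)
            if LANGUAGE_KEY_RE.search(key):
                hits[SIG_LANG].append({"pid": pid, "process": proc, "key": key})
        elif category == "api_call" and detail == "GetForegroundWindow":
            fg_calls[pid] += 1
        elif category == "api_call" and detail == "SetWindowsHookEx":
            hook_calls[pid] += 1
    for pid, n in fg_calls.items():
        if n >= foreground_threshold:
            hits[SIG_FG].append({"pid": pid, "process": names[pid], "calls": n})
    for pid, n in hook_calls.items():
        # Every SetWindowsHookEx call is reported; the report lists one IoC per call.
        hits[SIG_HOOK].append({"pid": pid, "process": names[pid], "calls": n})
    return hits


if __name__ == "__main__":
    for name, iocs in run_signatures(EVENTS).items():
        print(f"{name}: {len(iocs)} IoC(s)")
        for ioc in iocs:
            print("   ", ioc)
```

Running the script flags the locale-key open for both AcroRd32.exe and the benign explorer.exe control, which is the point of the caveat: the language-discovery signature fires on normal software and should be weighted accordingly, while the spam threshold separates the 120-call burst from a single GetForegroundWindow call.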
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d65224ec38ebe3a6f4c1c4fcb8a4f4db_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2280
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 6595506b21de0cf1425bc8d89e78cd4b
SHA1: 34c7654b81259350bbdfe794bd1837bd778b1ec8
SHA256: b30d2af2af7ef91f325a99616b4b548f30815805bd1453e8b2a595601dcb11c1
SHA512: b26647dbda9a8fe519d0b20b6de8fd8793ba9b69ab14bee855c9928b7e424d910002561ae383736c4016e043391300b0ab461abc7ec12c0ac370e0c78b068991