Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
max time kernel: 120s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09/09/2024, 15:59
Behavioral task: behavioral1
Sample: d6a6499fa4f596f4176fb78d9dd8b421_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d6a6499fa4f596f4176fb78d9dd8b421_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: d6a6499fa4f596f4176fb78d9dd8b421_JaffaCakes118.pdf
Size: 84KB
MD5: d6a6499fa4f596f4176fb78d9dd8b421
SHA1: 7296dc95f1ca200b7a99d69d04cf7f36fe3513a9
SHA256: 4d87e663801f0caed71b1d7fdd1b5f18cbd86f781a855fffc1144dff58b7c28b
SHA512: c0b3a81a81754e051936292d5b758a73a575484078e16e2e347a22db5b13975b7dd0141e6ebef1ac85400069882a656a79d4d7be89d842c6f6bdd708b6af058b
SSDEEP: 1536:XQIZ1FDDfDHzN3tRNZZwv8vYqW3hVigM9PUWOyKYau7urL5Au/WwpOSkBJ:AIZ/rDHp9RNkv8YqWXi9PDKLu7iL51yn
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened; IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID 2720, Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID 2720, Process: AcroRd32.exe (observed three times)
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d6a6499fa4f596f4176fb78d9dd8b421_JaffaCakes118.pdf"
PID: 2720
Signatures:
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 354777c866ac6808c6a5900f39f72049
SHA1: 46640905b84df743152059668d357b045e546268
SHA256: a8ba8ca31c06a210e627628035e8c0e38fcc16fb37870beedc7bab35ba796845
SHA512: b3105005d734918e197656453edac7aa71c96b32633cdd2ce8b32a0c168131468b930349e41a48cc4c86c707a1a2402e86ae6d2f472ee8edc07cc86ad2c8ed06