Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
11/09/2024, 04:32
General
-
Target
d99df7be17a1fdc0c08294bee1947acd_JaffaCakes118.pdf
-
Size
83KB
-
MD5
d99df7be17a1fdc0c08294bee1947acd
-
SHA1
7d610b9227b7f241efe9b928cd057bdc23b6b867
-
SHA256
513f67640a80fbaeeab5215b1396fa81247a8338266c75d6f96c4f67fbea5a88
-
SHA512
b21745f7874198a4c71a11195554313f5d5407b18ab1da95c9ea8e901ed0974fc0a73453f421abd1ffda28e3ccc06302c921407eb1adf465436dac4e78b3ad16
-
SSDEEP
1536:BmT9EnVVfIdrkgljsZtvXnWXLdZHId8yIGXko0F4zG9VgqCP4jFdDHFiv3UqqRAS:tXI1kCwtv3WXZKd8OtL5qC4BdjAfXaAS
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d99df7be17a1fdc0c08294bee1947acd_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50f7363b47c4db92819a2fb8c5464684f
SHA148a1cb479f70602aa903de9da7f9f63303125165
SHA256f9fed44d3d091d0d96a8e74ceffdb886633846066812a99eb44111d5f79bd13f
SHA5124ebacf2d06746587cb674e07b03d69c87aeed1e65bafa64ac9142ece19077b739c8e6d5e298ba645c4aa316c46f3a2b4abcb11e1fe03e3bcdde53ae64ba47270