Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 12/09/2024, 12:02
Behavioral task: behavioral1
Sample: dc4454cfb8107f8008eba3431075be3c_JaffaCakes118.pdf
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: dc4454cfb8107f8008eba3431075be3c_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: dc4454cfb8107f8008eba3431075be3c_JaffaCakes118.pdf
Size: 49KB
MD5: dc4454cfb8107f8008eba3431075be3c
SHA1: bcba4906e48184526dd6a4b0f75d3feef332f826
SHA256: 92bf6a775dbde5c855c70cd1d34420b70d45799749fdb9e6c817a2a8a69de14f
SHA512: c1c577cee32fad2d528e853288730148962d7fcf4af8941e839bd2319e620b8d5dd5f917107a2ed3d19d1281333e11f172ebcf1c06d849db4490e8469e57288d
SSDEEP: 768:xgGzpDFGEQTNqSsJWWxjuliH7ItvQYZTat3u2a77jteP6BxEdp0+n5vh2zMBpGqv:CGFpL21zbT1yNp1nn2M6w5
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description    ioc                                                           Process
  Key opened     \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language   AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid     Process
  2356    AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid     Process
  2356    AcroRd32.exe
  2356    AcroRd32.exe
  2356    AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\dc4454cfb8107f8008eba3431075be3c_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2356
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: a27d8845f0285ab23175e7a0601c0619
  SHA1: 85a0280a9a09491b8281219c9b5ea9941f90827b
  SHA256: cb8750989a722dc725c000cd23d316a7433efeee5804b9a7cfde15ebe6735ca3
  SHA512: d45c18beaf4ffa4d117d8514cdc33c3a5142f8556d1c24f9a46c8966eda45204e1b3f36c49c4582d1fff1ad2e3fcb8943d7daf22309a4ab5a3f8a4fbb1f07e4d