Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
12/09/2024, 19:47
General
-
Target
dcefa762c8fd22e74e827f5c9e7c47b9_JaffaCakes118.pdf
-
Size
77KB
-
MD5
dcefa762c8fd22e74e827f5c9e7c47b9
-
SHA1
04f5501e73cc81fac0a6e610ab88e72f59f84c4e
-
SHA256
56d34d61f17ad7a73c8cc47d1f824b944450dbbc23550a111035bb46d6807884
-
SHA512
0f4e92d62a1659720c7de3519b606b997ef98e7e50bf15e138665fce78df69e5399d97f070779e4e4a16f970e7682b77bd26e09a4127c1d2278ca1bfc5d7c7f9
-
SSDEEP
1536:GD3GN4jQUnUdhlHL+f/AH/uoYV9OPAGt5WApO6eWAIur706Sga9:o3GN9UnUhHqf/Af4V9OPAsg6UrgD
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\dcefa762c8fd22e74e827f5c9e7c47b9_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5aa299672b2cc813e9f34044653150447
SHA1b80a3e35ce040969326b3c90e145f1cbf4028548
SHA256640133cdb144c321521fef4a3e87da7e1dc553452c16d1505af7ab409f00d771
SHA512501a39a33b6bd2b5de6c032181ab1b768b3fe4a3d9136f7adac6d0f7879adbf00c67b7f5d4333bed64dcac3b4eed66a397c25657b59254f32d231b73e4f9d6b7