Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
13/09/2024, 11:07
General
-
Target
de3caadaa772c2af5f80cd9fce00e1a0_JaffaCakes118.pdf
-
Size
83KB
-
MD5
de3caadaa772c2af5f80cd9fce00e1a0
-
SHA1
33c57ac41b90425d1b450256596220a9ebc6bb52
-
SHA256
74bd031946f4ca6adc03a2e9ea23cba8cedcb605e7ab6551d360bc6c43b0afab
-
SHA512
7c18b685982a9f511ec508e7dd990d2bc6542c6530fb1ad0ce1a30b9177e3ae9589b2bdf3e68e594f6df8b44cc0eb8d398fdf4463c466ae2b9868c0eabad36b8
-
SSDEEP
1536:Y/aoYFRMZklDFhUwuFAg9DJp/rmW+YW4Ki5aiX+br9gZLcpWUpO7kWIkO3p:QuxlDFhUwuzDhM1H90cM7kWIk2
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\de3caadaa772c2af5f80cd9fce00e1a0_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD597dad8ea69f601827fd5473ac343acac
SHA113d1b88f5daf258c936983db69afb008cf0889af
SHA2567a496327e24f9474ff312409047729ab3b174e0a224bd2f6707b034dd34740eb
SHA5128367bc7889686b7834b61a7d04a5f41154f0aa1a0f5f525ec998b293c7c66498853cba2991b419e73045ee55dcaf020683a6e4b91095244e9649de023efe8f5f