Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 15/09/2024, 00:19
Behavioral task: behavioral1
Sample: e15392264140a697f1969b3bba03cd4b_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: e15392264140a697f1969b3bba03cd4b_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: e15392264140a697f1969b3bba03cd4b_JaffaCakes118.pdf
Size: 35KB
MD5: e15392264140a697f1969b3bba03cd4b
SHA1: 3f443ea12efd6e0b0fd9a5164efcf06b0821de4a
SHA256: 246187c679dd108980b5237bb609723ea59190cfe89f65d6d0bbd22db5f8e927
SHA512: 81c4991ef37b1dd8e4aee60ae725be4b8691fce96cb224883db0d5bf35bdf7d34d9fcdf73a0bb1c3edd134113b2950cf3bbfbcbf776d6352ea76224bfcf4a11a
SSDEEP: 768:0XuMZmwgCLWarZkZgqqOlNtKMeTyhouCXKdjWz5cMENLf2FaGZx:0XFZmGWSZkZgqqsIhT31KdjWVMNLf2F7
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2720
  Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2720 (three occurrences)
  Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e15392264140a697f1969b3bba03cd4b_JaffaCakes118.pdf"
  PID: 2720
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: bb24bc4181a6c4a5b547f1c1ab3952a6
  SHA1: 28a31888a24882bb008d1d84fbc74878afa7fd72
  SHA256: c92f77dfa987e9a36fcd9fd53fa82aef98532f10ac893f1ae276d17319c16335
  SHA512: 0af37ef6484ff71f9007a7938e07b57cd5da07ca97f204a8900374148ebb5b286f7e308aa0a3e74dec30808e5f42bd1bde2ce2418835774fb72e802d132b6820