Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
- max time kernel: 117s
- max time network: 117s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 15/09/2024, 00:59
Behavioral task: behavioral1
- Sample: e1639c63a2e144c5322c9afb0119d57c_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: e1639c63a2e144c5322c9afb0119d57c_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: e1639c63a2e144c5322c9afb0119d57c_JaffaCakes118.pdf
- Size: 49KB
- MD5: e1639c63a2e144c5322c9afb0119d57c
- SHA1: 417f5f386e0929fb2a1813ad5f94457e23b102b5
- SHA256: 6b864c378ba1c88ef98870e204f2151a9abe9e07005180c4e6ee0c666143eb2d
- SHA512: 74db9f4ebce66f7bf6852fb9d121cfc68aceeaef973d3e99d0901468c424f2f9af6247fad8859f93d9df23d463f0d23ac9e11d99d77741d0a27815524c727d1d
- SSDEEP: 768:9gGzpDapUYt5FLN8xZpuc0I4xYCPoqQSvVCA6wFSeonpfOF+R69dgVBUeWfzCF5s:+GFOp/H9QywAocF+WdgqeWfzK9Hchua
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  Description: Key opened
  IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID: 2356, Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID: 2356, Process: AcroRd32.exe (3 occurrences)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e1639c63a2e144c5322c9afb0119d57c_JaffaCakes118.pdf"
  PID: 2356
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 5141c109e94b4834df55c7cff9f0c6f8
  SHA1: a358b3bb71475ac0faaa41f3f6c11c9f73e01d5a
  SHA256: f28294ed84cf4f52dd746f30bb634dba48185fd3eb7c72014a108e1c5dd265e7
  SHA512: 14a37f9eb40234c5ff6c45e2320aa7909030bdffbdc85676440b508bec5353fad47b3912f5b823562d1a665ac58808c21fef1591e0e6eafd6e76430c270e32ec