Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 21/09/2024, 12:46
Behavioral task
behavioral1
Sample
efd391b31a875167b0e72739e97a0d82_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
efd391b31a875167b0e72739e97a0d82_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
Target: efd391b31a875167b0e72739e97a0d82_JaffaCakes118.pdf
Size: 83KB
MD5: efd391b31a875167b0e72739e97a0d82
SHA1: ad547b153a1216f9295d81cb2cab94bb70a6b77c
SHA256: e3fce270e276a96c8ee34d269b1a9004e563cfdd87ef5a86ae4770dd82a3d47c
SHA512: eee494779a4d1aa6a52608f40614d754f8defca2c5767b9503a37643c0cde93e4efbd8bc2a7a283cbd3d41e4a7f783c8e46383d18aa76dace98f54a25dfcac97
SSDEEP: 1536:uMAPionN7Y8nqvokHbBfU/R1BfYxQNTQTM7mf2SWGpOKUGJ8WxC2cBjp:JAPd8eQxHbVs1fYx0UTKo27KUGJ1C//
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2144 Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2144 Process: AcroRd32.exe
pid: 2144 Process: AcroRd32.exe
pid: 2144 Process: AcroRd32.exe
Processes
Path: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\efd391b31a875167b0e72739e97a0d82_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2144
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 229241c9af8e9bdc6d35be7d86093c9e
SHA1: 54013da4b55d835e11280a5a22f01c59041fddb2
SHA256: d575ca7d461ffcbdbbd08a292ecd36992a5fd4c5da4197b023367cd08a0a171a
SHA512: 565ac5453fd82223f9f3603e279069e5ea906260cb1ff530a3b8378f2a0edc23d3ae17aa8a453164edac3e40ee119114c4142b99510dced6690dafb385201aae