Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
25/09/2024, 18:26
General
-
Target
f69a89fd833519eaa68fa1039bf4b88e_JaffaCakes118.pdf
-
Size
64KB
-
MD5
f69a89fd833519eaa68fa1039bf4b88e
-
SHA1
5543f3d2ed4b2908c59e40c7defb62d2b2ff2293
-
SHA256
459c40850bdb727d8c470ac8c2200f6a00930ed8cb1f3fc7cbfe3b49d8909045
-
SHA512
ba39d2036e3fcbdea1025a8d8108e070a6acc92d7b6f73bf08d2c6437ebfcd84896ba9adaaf95a0afe45c79b6525a9afec4e581f3f0ce720a1feac3219e0ad45
-
SSDEEP
1536:iR5KY2s4gMsEZbO5GBwTvXbnGo+q62nnbTDT09ubLLm3K4o9n+pNJjvoHXFZmGWe:iRI6R4SsGLrGXF2nHDT093K4Cn4o3ysb
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f69a89fd833519eaa68fa1039bf4b88e_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD534ddd6f8674c1742f781f36f5c7074f5
SHA175e4b928245d68fed3aa43fd82dc7b1ef51fff50
SHA256acabd1be1804b6025695e3c34d8a8212b6c725efe3b19392aa2144473770bec6
SHA512975d88c497a7a5c27f17b86d82af7afa2f977345afb11d054188dad823782f78b4f710ad68b4f1e5ff12a7887cacd25405bfb82319b3a9e8c7fef77154f18238