Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 25/09/2024, 18:47
Behavioral task: behavioral1
Sample: f6a41f9a508e0f71008bdaba84495b09_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f6a41f9a508e0f71008bdaba84495b09_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: f6a41f9a508e0f71008bdaba84495b09_JaffaCakes118.pdf
Size: 34KB
MD5: f6a41f9a508e0f71008bdaba84495b09
SHA1: fc2e9703dc292068a6de0032b49022e6b8a4b140
SHA256: 7159d77d9fdf2cbb48bdb269d0aa64362ee800b55d96aa7b06d9e86fca067a8d
SHA512: fa3859be2c260c7016ece1f7e054b2f89c227f6a4859ae060c824f4cd89fcbb3e6161816e464f02aaf47e0b8970018a71785320e5f84e4b580962a98dacb8d06
SSDEEP: 768:CXuMZmwgCLWar7E5Hpxp3rY4m0m2RPP65qEY+v0R83asw2WfN3n:CXFZmGWS0jp3rnm0g0RjWWfN3n
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
PID: 1352 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID: 1352 | Process: AcroRd32.exe
PID: 1352 | Process: AcroRd32.exe
PID: 1352 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f6a41f9a508e0f71008bdaba84495b09_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1352
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: cecff5c4957ec13840e64304ff2c146e
SHA1: 0a9eaa62a59c8affbba758bb155d16a4d20f7f77
SHA256: 651971401f2ad7b5fb6892e908cf68ff621dd6afc50579a93f1a80bd434df0be
SHA512: dc9dae7096284f4b4cfce7718a103dff688d35c9932d05783653d8063aa2821aa6a30c31ec9c5b824f957cc7d72dddf160dffb471d6eb0c2e65086007f916db6