Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel: 122s
max time network: 124s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
27/09/2024, 19:43 UTC
Behavioral task
behavioral1
Sample
facbf24614e3180382a53c0cdbe0ddd9_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
facbf24614e3180382a53c0cdbe0ddd9_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
facbf24614e3180382a53c0cdbe0ddd9_JaffaCakes118.pdf
-
Size
81KB
-
MD5
facbf24614e3180382a53c0cdbe0ddd9
-
SHA1
e68c62dd41cbfb0b68ee2f097202830a07d82244
-
SHA256
9614f88f34e20722aa26846bcea1f9c3361e7f0f6ce3fb0ecb86d9cfeda83355
-
SHA512
d98c9482b589241b0a06149d0c657736914416ec548a17ffe566e6dc953d2c06428f94bee8f139bd63965710dfec8813de6a9354ab3494dae825c1fa1e18ea2e
-
SSDEEP
1536:QEudTFWEW/6fru5etfoVxJDAumlfNUQFwtQMVHZlaZQWapOn6WDk62oqq3kr:qTfXfru5et2xJDLmVwtQM3YZZnZ2oqqk
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 2260; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid: 2260; Process: AcroRd32.exe (reported for all 3 IoCs)
Processes
-
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\facbf24614e3180382a53c0cdbe0ddd9_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2260
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize: 3KB
MD5: 4ef011ec91cee648a63a3198dc291b49
SHA1: a200eebaaebe3cf0cc3b5272d6c7ed4b720f3ba7
SHA256: 4e84526ead041573c03d77d1a8751bdc8eefda7086fcebdf55c1e6c7904f64a9
SHA512: cdd4f8cdafa01050e3d46699b5d3e522764e69dddcb74d23022426a2052c64221207b6d71822966a5e028b250e3ba6b0d99043fb306bcbabcc358a8dbce2ddcc