Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
28/09/2024, 14:50
General
-
Target
fc878335f6ab182f2b5e4a951a05c90c_JaffaCakes118.pdf
-
Size
89KB
-
MD5
fc878335f6ab182f2b5e4a951a05c90c
-
SHA1
976913b4d17a72936e97b20c279326adccd1c8f2
-
SHA256
4bb2302dfa03c95eb604c1feb11e6f2cbc65be350f6a60eabba7f53243a45e91
-
SHA512
2f4c00ffdfe5b1fc3c115d8def107106a0e79c44ac4ce1f46447072e6c666c70ddac4a36451c6da0133d051156e64758e6a1f726e7eef98d4fa37bc767d0bb02
-
SSDEEP
1536:0uf+JVygyvS8srVjhLBPQDLs5omxYvfCQ9ChRxRSW/6fffreZWkpOTVnV:HWJVytSHhrP5nxYizRLpSreATX
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fc878335f6ab182f2b5e4a951a05c90c_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD53caa8b02399328e92dd1d5f9c80fc48a
SHA10997eb3aa3c6434a6c91677a07c8ca0b88389203
SHA25609eb27df5afd7e5ca96750f10e2f1571a4ef36c8000fec63c093876ba2fddeda
SHA512aabee750b339ec01430ecdf8a0ac571d4a9ea208499c8c3225de2ae411634b79507f9d1fb0bc459b74928a7dea6bb56f81efaa0938b12a965e0e48599a0b6fa9