Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/09/2024, 15:47

General

  • Target

    fca0356ab6de6cd20e9567e0b5851663_JaffaCakes118.pdf

  • Size

    12KB

  • MD5

    fca0356ab6de6cd20e9567e0b5851663

  • SHA1

    27ffcfde8d11660ad96eb5109b61c3ae727a64f8

  • SHA256

    4cf5057aef753de150abae07c90415b23c9e28eddd29468ac61978eac7ec19d4

  • SHA512

    c466bd211a9aa1f8d3a216f7f2e1afad7d756592bf9b7ebc53919916c64de5bb018b6d0d3281bb94a332bfbba13233fecf0ebed8a8c99b168ab82a883a49b6ce

  • SSDEEP

    384:bONbedw+lJ5W/WC3PX1E87Lcoz8lYOosFM9xn/P2Kvyd/MG3:s2M7n/P2Kvyd/Mq

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx (3 IoCs)

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fca0356ab6de6cd20e9567e0b5851663_JaffaCakes118.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2156

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2156-0-0x0000000003D90000-0x0000000003E06000-memory.dmp

    Filesize

    472KB