Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
29/09/2024, 18:33
General
-
Target
ff20e373c30f0a2a4768af627866ce37_JaffaCakes118.pdf
-
Size
18KB
-
MD5
ff20e373c30f0a2a4768af627866ce37
-
SHA1
f98ffeafd6164440a53407065cad0dda2e76652a
-
SHA256
98f091b622aeda6580c6a37d61855c1cf10ff22f07b659e95d7faa6238ea5ce0
-
SHA512
8f689f421b078e472d4713c711a15468e0ee57ba0fd5d8025aa22e66eba65fbe0076262217812404736d097adc9942a1523ef7397c9cb447da527623b2f82177
-
SSDEEP
384:VzYXgkXZOz1fbSp1LM/95HGeDRb5wb1H+dh9oT6jnlBId6vSjyHJlsQ86KH:VzYXg2ZOz1ze1LM/95HGeDRb5wJedhGb
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff20e373c30f0a2a4768af627866ce37_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD57727a521e2022f827aa640bde5886480
SHA1299103e8cf2345fc82b8090784bc3063bc0fbf27
SHA2564a192a1303040373c6d9151e616ab7d43a7947a017005ec4c6fa3b2ed2e06cec
SHA5129d8eb9be68d12be9f2aa72cd6474c10ba77830fe08e7ee6eaf3e03d50e4934f63f38243d5c49d584efb1a6ed8fa9cb6a5bcd4f238c9929038cfdb9894c518be1