Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
29/09/2024, 20:17
General
-
Target
ff43161fe076da5414bd150b498958c4_JaffaCakes118.pdf
-
Size
83KB
-
MD5
ff43161fe076da5414bd150b498958c4
-
SHA1
74281a210625365e7503c92aefac7f1fc58e7c2b
-
SHA256
48425f4bb94f4ecd4e1d2dc952ca84ea108b70ba60ea25ca984ca19275ed3178
-
SHA512
8cadee138d62466908e8021c43dd6db305af987aed814e98a4b4efa61fbb05953f19df503ebb9211d3f5921f3c9e583d779022126ce7504a885ac7b2a175e43e
-
SSDEEP
1536:zxvpq+oE0/qd7lC/UnClNJL5pZ7+8LMNRBx2R1Wqgu6lW6pOu2ZjWAF0yHG:1hvr7E/oCjJL5aMMNLx2lh6Wu2IAF0j
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff43161fe076da5414bd150b498958c4_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5b815b82237b24ddb6fb1c7865bf444e0
SHA1fc83cd31823d25367d87340338079d57bce7fa2c
SHA256c6be900caefd50ba1794a6d629b9693ca949bbce334cc769d1de63eb0c007513
SHA5124d2ee6cd35ede60fa81cfeee5a928952628a7c755830f768281644e361909a2b490d072fab783f38cf8fbae22210396d30f6f4a48b423f2c783e737849910fe5