Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
01/10/2024, 02:52
General
-
Target
041b99c07ed9c6a7754a2f743b714f44_JaffaCakes118.pdf
-
Size
39KB
-
MD5
041b99c07ed9c6a7754a2f743b714f44
-
SHA1
59d91ebaf09140f925a496eaa5b9a1c801de32c5
-
SHA256
de206f569d29923f4cc826a59d2d6a21dd63135c4af104d42105bad9f57535fb
-
SHA512
aa79df503181030e952bba5d7b3797fb792788c8eb4c2fff3215e1332a86dd7e6702c5ddc456236310309829765be286ab0696f646dfec481baf5c94870e909d
-
SSDEEP
768:u84dKlGw2XC1tilPhkr6DjfQa170KsYQC2ZI+OjzvRfm/FFOZfj:XjXgC1tilPhkr6DjfQa170oC2peNFOZL
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\041b99c07ed9c6a7754a2f743b714f44_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5a3248f311af9d282c2c70d1995fe50ac
SHA11c9d668fa5d09fab9bc03704562aa0e2ef1ba4bc
SHA256fe6c91e04de9ca3d922f361c07ee4b2d3858afe058cd595a8a1d1dacad3b427c
SHA5124422452c64ae03b556d00952cf6ec4953c2929f9096ba52157013dde825593d092dfc19e9eb9706a3f02fb93670b3f7219a24cfa40000c8f19977821449f7c8d