Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
01/10/2024, 08:19
General
-
Target
05012ba0da1f60700c674743a2b29045_JaffaCakes118.pdf
-
Size
105KB
-
MD5
05012ba0da1f60700c674743a2b29045
-
SHA1
3f022e0560c3dc3886a46388cd32d115da0ecdd0
-
SHA256
aea078fea5127d29096f771dcdcb4c37c27c9a5c14ac3133d102305e8bebbc1f
-
SHA512
ad32a860376edc478a19721d665d85631ec35f44a3ba570e9339de9835aacc1c23834a4702953ce67b822ff749b3b44078af7ff25747b360d209f6999462b42b
-
SSDEEP
1536:ymUgLVNgEXikrKy5PTDNTlMLgSSGUNKyDo6wL8B9l85gjMAhqZHXHsFdspt/Wc4/:OgRpeoTD3EgeUNKyDfi8XaXAs4hay5Vp
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\05012ba0da1f60700c674743a2b29045_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5020b0b03c765ef641ea68917586a8db7
SHA140ad279671542a2ece58b1b77b39ee525efaddff
SHA25697e06c18deba26c9269a37946feb9ae7f7a8746e4a71492370d2e2d6464ff800
SHA5126ef336026e821173e349b579e8339adec3a116e53f0ffd9db5cd340994c52b42c926a4c062a121e2583e38c3466e96ab79e41304f22ff42acbeeb6ed20707678