Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
96s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
02/10/2024, 18:37
General
-
Target
0c00a5b040a3996e4e1105b5000381cf_JaffaCakes118.pdf
-
Size
102KB
-
MD5
0c00a5b040a3996e4e1105b5000381cf
-
SHA1
dd24849ef04d6da4a775ec96719e5c0c543f5c35
-
SHA256
09484a192afb4d52459b95d3e61590f58af94df17738e967f76d2ce6f0ef7f97
-
SHA512
43526f23c43a0cbde4037ce0ed1c7dccc8e337fe1099e1e3d641e238e6ea04da43ca3b032d97518b9e69d0e5f53a8400f9ca26edc722c8c30f02188806d59d38
-
SSDEEP
3072:Wf0AAZm6AmRVlS2yCSOKl2uhA+uG4qXQ3G1a:PZwmRVlS2Lsouz47
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0c00a5b040a3996e4e1105b5000381cf_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5d8bbac38c77813cd83ead84b79007882
SHA1203db38d1d3bc1712cd4851e1059ad9881a18dcd
SHA25666f60855772de803deae5217b7786f9824b38464864a7e1e69a81f70246ca046
SHA512e8da17789120a28c36a4ded4e386c96929984367013ea8cf0b0ec6fa2452b5058d9c4c74f3f798af58bc2ec6d48bbc4c9863d27ad7e8f666b068d468169ba5e5