Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
- max time kernel: 119s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 02/10/2024, 20:21
Behavioral task: behavioral1
- Sample: 0c538b735467f7d23bcf7bb49e11ee4c_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 0c538b735467f7d23bcf7bb49e11ee4c_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: 0c538b735467f7d23bcf7bb49e11ee4c_JaffaCakes118.pdf
- Size: 71KB
- MD5: 0c538b735467f7d23bcf7bb49e11ee4c
- SHA1: 9cb21d162a976eac7bab5a2f8f1878026d454bf9
- SHA256: 7de7cc9d2587b4ff5c301a616db94a84800ea752be0655bfa1ee91b15190207d
- SHA512: e27629cdada523dd273acccf53833c603cf0d217e0f1fe784098eed1303069810927bac938d00d1722ddc24552f568a49bc22fa1c4b296827af1b53202624ebb
- SSDEEP: 1536:TTLh9hkI2z5mbFM9yR3CPcg9jaBYjDbRGJVvBCSdVUMLpImckd311A0pYoB:vN9b2zeZCkgIcRGJVZCsKW6mPTA0mC
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  IoC: key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language by process AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID 2280 AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID 2280 AcroRd32.exe
  PID 2280 AcroRd32.exe
  PID 2280 AcroRd32.exe
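The three signatures above are simple counters over the sandbox's API and registry event stream. The following is an added example of how such checks can be re-implemented for triage of your own traces; it is not tria.ge's signature engine, the event line format and the GetForegroundWindow spam threshold are assumptions for the example, and the event records are constructed to mirror what the report attributes to PID 2280 (AcroRd32.exe), plus a second benign process for contrast. One practitioner caveat is built in: opening the NLS\Language key is also what any localized application does at start-up, so the language-discovery hit (ATT&CK T1614.001) is reported as a count, not a verdict.

```python
"""Added example: re-implementation of the three signature checks shown in
the report, run over constructed sandbox-style events. Not tria.ge's code."""
import re
from collections import Counter, defaultdict

# Constructed events, one per line: "<pid> <process> <api> <argument>".
# The argument may contain spaces, so it is always the last field.
SAMPLE_EVENTS = (
    "2280 AcroRd32.exe RegOpenKey \\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language\n"
    "2280 AcroRd32.exe RegOpenKey \\REGISTRY\\MACHINE\\SOFTWARE\\Adobe\\Acrobat Reader\\9.0\\AVGeneral\n"
    "2280 AcroRd32.exe SetWindowsHookEx WH_MSGFILTER\n"
    "2280 AcroRd32.exe SetWindowsHookEx WH_GETMESSAGE\n"
    "2280 AcroRd32.exe SetWindowsHookEx WH_CALLWNDPROC\n"
    + "".join("2280 AcroRd32.exe GetForegroundWindow -\n" for _ in range(25))
    + "1900 notepad.exe RegOpenKey \\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Notepad\n"
    "1900 notepad.exe GetForegroundWindow -\n"
)

# ATT&CK T1614.001 (System Language Discovery): any control set's NLS\Language key.
NLS_LANGUAGE_KEY = re.compile(r"\\Control\\NLS\\Language$", re.IGNORECASE)

# Assumed cut-off for "GetForegroundWindowSpam"; the real engine's threshold is not published.
GETFOREGROUND_SPAM_THRESHOLD = 20

SIG_LANGUAGE = "System Location Discovery: System Language Discovery"
SIG_HOOK = "Suspicious use of SetWindowsHookEx"
SIG_FG_SPAM = "Suspicious behavior: GetForegroundWindowSpam"


def parse_events(text):
    """Yield (pid, process, api, argument) from the constructed log format."""
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, proc, api, arg = line.split(" ", 3)
        yield int(pid), proc, api, arg


def detect(text):
    """Return {pid: {signature_name: ioc_count}} for the three report signatures."""
    lang_hits = Counter()   # NLS\Language key opens/queries per pid
    hook_hits = Counter()   # SetWindowsHookEx calls per pid
    fg_hits = Counter()     # GetForegroundWindow calls per pid
    for pid, _proc, api, arg in parse_events(text):
        if api in ("RegOpenKey", "RegQueryValue") and NLS_LANGUAGE_KEY.search(arg):
            lang_hits[pid] += 1
        elif api == "SetWindowsHookEx":
            hook_hits[pid] += 1
        elif api == "GetForegroundWindow":
            fg_hits[pid] += 1

    hits = defaultdict(dict)
    for pid, n in lang_hits.items():
        hits[pid][SIG_LANGUAGE] = n          # every IoC counts, even a single benign-looking read
    for pid, n in hook_hits.items():
        hits[pid][SIG_HOOK] = n
    for pid, n in fg_hits.items():
        if n >= GETFOREGROUND_SPAM_THRESHOLD:  # a few calls are normal; a flood is the signal
            hits[pid][SIG_FG_SPAM] = n
    return {pid: dict(sigs) for pid, sigs in hits.items()}


if __name__ == "__main__":
    for pid, sigs in sorted(detect(SAMPLE_EVENTS).items()):
        for name, count in sigs.items():
            print(f"PID {pid}: {name} ({count} IoCs)")
```

Run stand-alone it prints the same three signatures the report lists for PID 2280 and nothing for the constructed notepad.exe process; to reuse it on real traces, replace `parse_events` with a reader for your sandbox's export format and keep the counters.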
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0c538b735467f7d23bcf7bb49e11ee4c_JaffaCakes118.pdf"
  PID: 2280
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: d3d737c08412edcc70ddc405932c3fae
  SHA1: 204b4e9ba3a90d6f3d0c7b7ddce96400cbaf0592
  SHA256: 9d20d19ccdb2fa185ed5edfc4083e88e147cd5ba1587bbcefa755a7fb9cdbcb7
  SHA512: dc681bf63a0940d43a2bc3c1dac2851188a94a575e07da02bc60b7ac6eed62ddb5bb7246c7b13a9b6303403002dc940fbd87af37b8c304ff4f1d499041983ebc