Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 03/10/2024, 08:13
Behavioral task
behavioral1
Sample
0ebbd325661f640b3180eaa753260cd9_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0ebbd325661f640b3180eaa753260cd9_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
Target: 0ebbd325661f640b3180eaa753260cd9_JaffaCakes118.pdf
Size: 82KB
MD5: 0ebbd325661f640b3180eaa753260cd9
SHA1: 2b4c5bb193f78500a22142acf23a6e2d26c5ebf4
SHA256: d25351391dbc6ef63bbab393ef5b1b19b5d6e514b09d4e8642244178a939e944
SHA512: fd3bb0043fd6a9f34de1b52389507a44e625892c9f29eed7b7ce88fd9c31e60347835cbd6a709ed55e252f64dbbc3030193c3845296a87f2f6d3fdd7dd31fc4a
SSDEEP: 1536:AVF6gq/dUqD87RtOUYD4gRlJofU3WF036/LeYXr2jKdSoWsZ8H9T47LYHWUpO746:+6gqFUq83pgTJoOzCL1XrJdx8dTcY67Z
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid | Process
2168 | AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid | Process
2168 | AcroRd32.exe
2168 | AcroRd32.exe
2168 | AcroRd32.exe
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0ebbd325661f640b3180eaa753260cd9_JaffaCakes118.pdf"
PID: 2168
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 60a76c522a1595d83c7d7110cac898d5
SHA1: dee2e6594a182b3722aa4d033e12e8758c8d61af
SHA256: c6cbb378e32d4526cc6544414105f6b409945deaea5690bf0926bd1d64d39bfb
SHA512: 110b8be0be807d85d5b867bbc0be866b08c44418d9a1f8b46fb97f7a97392aa5529b5eddcab27bda347c86375d190ffb33f622acd1d273ed3819860187d54910