Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 03/10/2024, 18:35
Behavioral task: behavioral1
Sample: 10157ab17d713d7137ba3d8af8740ed8_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 10157ab17d713d7137ba3d8af8740ed8_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: 10157ab17d713d7137ba3d8af8740ed8_JaffaCakes118.pdf
Size: 84KB
MD5: 10157ab17d713d7137ba3d8af8740ed8
SHA1: 667574982239639ffaeb114233bb056aee7209c7
SHA256: 78331ee4ae6334a2955adfccc23ee6de037bf4b2ce5036bebc8c92c9361fe317
SHA512: 6aca86be48222167faee79d6937f7884eb979c40221388f7bc31edce33d43e44c20f831215f7eec7b70e8483750835dcc69ae7060cbc7c92fdc52a1b0ce1d398
SSDEEP: 1536:8lnm/ppw/YF8HRrDFHpocU9ViCXG1dUyaTCzOcAWxU4b4bd4n7kW8pO+siE9:ynmBOQF8HBDb3U9V0HauzOcZ4s7/+C
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 1620 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 1620 | Process: AcroRd32.exe
pid: 1620 | Process: AcroRd32.exe
pid: 1620 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\10157ab17d713d7137ba3d8af8740ed8_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1620
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: da31bc5deb2b71741ecc21345fcf7be6
SHA1: 20f661367a0cba8d3cff383eb49f0c73918ed65e
SHA256: 2eacfc592b53c8b15094bdb487cb21694169325a3bd36d47ceca73235f9521b6
SHA512: bfdfe6f6802b6813a209464989fdfc96953700807de8e16cfc0119c94765a30922fc56f5b369443050ba8d54159b77d987da813b73aa3edb30da2b85d1ab90e9