Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
04/10/2024, 05:08
General
-
Target
11f6dc0707308007076480e55c440bcb_JaffaCakes118.pdf
-
Size
70KB
-
MD5
11f6dc0707308007076480e55c440bcb
-
SHA1
f830b3d6106e21f0303a830ba0fc551b1cc3d3ef
-
SHA256
2851989a80e8cda667910dd77d31f9406c631fb73bebced1f6bdb5bca9eb7afd
-
SHA512
1aa32a6e15f874abaeb018dc79b0ac86e4d1daa5b217eb7de055dba630045fa8402b6e9a9235b25f359ddf9d2ca474652b400ad1ec12ca49d8c8d20ceb184d26
-
SSDEEP
1536:/vWQKe7NFdbVE6HdBt4zJbJee1PJVgrNFLh6RfoyXZX61RX7GHGf4BN:sSx3HdB0JbIe1hVgrF6BvdICHG6N
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\11f6dc0707308007076480e55c440bcb_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5b3c55955480e3235c958141e69074aee
SHA10b62cf2b50f47fbcc1b16bbff214cca69b7de52a
SHA25621020a14ea9f169107e4bba64f64a82ff4a0a1e126a5f9a2d2e07392a757e7ac
SHA5124af723b18dab9e5d7fba741345d05972076eb4e28168129e0d50f7b5f2e08bc69cda594ced6ecaa5a20ae456e55dddf57992396ae4744d9e00f4901ebd4948c6