Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
94s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
04/10/2024, 12:32
General
-
Target
135f76f44c65d91f0db989f0358702e1_JaffaCakes118.pdf
-
Size
88KB
-
MD5
135f76f44c65d91f0db989f0358702e1
-
SHA1
a8cf66c0bbf0fd27adf9b1fe06efd20f004644a3
-
SHA256
bf5b7324c434c7ad9d018b2cb17c2a480a5aae458133fa1bf2fc3405b4705819
-
SHA512
bc3dd41400754a8cb9f678aa38bfb1c889aa4e220a74524c812dcae097684b0c1f67a1b3d07d9439bd6a157a72abb6011ed004561bbbea59582a227f6fc4b057
-
SSDEEP
1536:VYBEd6JEIeKyKsPPI3PZ0/GULevAYLDQ19SJTWxM49guYXxW8pO+wca:SBQ6WISodaezw19SJ8z9guYXQ+i
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\135f76f44c65d91f0db989f0358702e1_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD546401d697ba7c3f3778e189a893c52d2
SHA112287c3fecc187a0a212b5f93e6546469a4af80f
SHA25655be86f78416a116642033958d26913f49560649f5df16584aca5dc95f2c3b0e
SHA5124ee1c2f131bbfcafcce0726d4d21fb4032b8fab118d41b6fb481be9ef7a311b398f2f0f29adfd2bb885a7ed9ea21daf2f489ac37833c6e31b7037c1bb5fbbecd