Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
05/10/2024, 04:02
General
-
Target
16138b514a3ea025cc2de7a64a9c5c87_JaffaCakes118.pdf
-
Size
74KB
-
MD5
16138b514a3ea025cc2de7a64a9c5c87
-
SHA1
ccf58d1b92bd5ea37b25cc4b5b26ddbe644254e1
-
SHA256
429ef24f2d7e5680af5bebc5b6b8d8ac43986d37edc823cd0cf8873d0fd66740
-
SHA512
4ca656b97a66cca9e46d41fb8744048138261c7ef342ca350e47b7e9e80f13059cfc9c2e911314e264f61745408677e64384ce4fae0e09173e43846293ab7829
-
SSDEEP
1536:46rg18z+jNVrUoXD8M+9ABMYcrK+WgWHpOvEJ0yU6WxReOAsxIfiBe+hV:Lrp+jNVwOLMYYLxvEWyUsOtAiBPn
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\16138b514a3ea025cc2de7a64a9c5c87_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD53b74ca504df74f32547fbf7341df0ca1
SHA13477063b566a4aeb7640bb2fa9bef02bec6de873
SHA256be8ef174c39931ea62d8a3260f72c8480a69925ddaff74f7953bed9ffbf6b5f9
SHA512276079a7c804d351723a19161deb534e6185edf562ff0541ab7ff42d9f22c20a0be788e5d51c8deb2ee2df77ae4b6c728aa3c60ca818fea4d2e9a959ad7c173a