Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
06/10/2024, 10:38
General
-
Target
17bff72630a7f6d9cc27e6164de9e411_JaffaCakes118.pdf
-
Size
86KB
-
MD5
17bff72630a7f6d9cc27e6164de9e411
-
SHA1
9ec1d310cf570f9bd2e7a3c458a1e208e213d8ef
-
SHA256
05fa27782b2cdf40c801dd06bdfdf529fc26d9c9a3c3d1e1417c9c6c92f753bc
-
SHA512
276d7ccab7bc393108a8443ff2fc1d3e8a86052f854eef62c197e9c078c31c51b268aa0e07e0c03c72bd035a87bdb59288665dfea075bb1b7027bd30462fe862
-
SSDEEP
1536:QJwT/iCs1gxzzWOIVKKAIwdK8PrFO2TakYXPDPM9v9KWypOlWWxt8qjMrZSUTG:QiDnJx36KKTwgors2TaXbe1lDmqjMwd
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\17bff72630a7f6d9cc27e6164de9e411_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD56b980676e8d1befa24ee08a4336fe172
SHA1daadc681faeaf7baa96f6268820ea8f04da8d16c
SHA2567d3237d55f155d525dd746853af5efd87ff66ba6af70167eb49ee7cdadaacb4a
SHA5129539891dfb326e07923ae58d25426e0bb6f541f8348790dd96df28ef03151b623ba96397ab97bcc95a28c9f7cbc77fbd59a1ae0e56221ee8ecfbbe610ec34e25