Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
08/10/2024, 23:02
General
-
Target
26c7168cf50896ef26470f0216c89e6b_JaffaCakes118.pdf
-
Size
87KB
-
MD5
26c7168cf50896ef26470f0216c89e6b
-
SHA1
915a4408497771e7792724aefa9ea15a41b8731f
-
SHA256
eb2ed57db2fb9971aa55e3f26f16cc84daf45dc9ba0b895e663801ce7e1f0a04
-
SHA512
ea8ab9aa2fd6b3b3b109381741d5c568a5ec6179b32c11a5c7016d87139069e2876d7c5c0ff50f2ce38df035a662f417290b7a232e7ab055e0a007db98667796
-
SSDEEP
1536:tj3+THKTWbFq7wtwfBz+x3suaAVgwz8Bmo4KQeLS1SWaopioWOpOaZ87MnZSd3Mk:ROT2WbFq7Xh+xcuaAKw4BmnKzLSmo8lj
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26c7168cf50896ef26470f0216c89e6b_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5bfda5c6de24ae7473873a7b563faad87
SHA1386086bdc67e6e939531132007cd94cae2b97423
SHA2562e40e4d7cca412076f1407bf596ec7730b204b43c2181c5e306100a4cb05a970
SHA512661391dad8da576441dacae765e30048b85b25b6c7da9259a3bba4ec6f0416d678e1e106743904ae60daf108d2d8fc875664ff266251bca7d0c3a111da4dc7a2