Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
11/10/2024, 20:19
General
-
Target
36a359dcb459bd3841c019df37acd53e_JaffaCakes118.pdf
-
Size
84KB
-
MD5
36a359dcb459bd3841c019df37acd53e
-
SHA1
e32a6c1614df8852c59151c98e1664f0a48557cc
-
SHA256
607340b58d2923cc8c865217f82b5b7fa960a467f8683f36bd13fcdc922f7056
-
SHA512
9474cec75847a51a27adbc1677bd770d5f3164cc972764c4aba0057cc2b75f995a6bde13c9dc1b6331a3e8926ee752d5ff72e521e07fb88bb5f648c427c2d058
-
SSDEEP
1536:Q8jogAL/8c8AnGpNnAnHQRZarSDH/UBVWghYh1+WacXcU9YWapOtQJka2s:Ljog+kVR6QRZaG7M2js8BtQ2i
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\36a359dcb459bd3841c019df37acd53e_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5d133cdc7ac1059bb6220d85a6b54d8a4
SHA1f0279493e8a022723bafef9c07450cce49a31fe5
SHA25687fe7ddc222106eaf90aa3fc9e6a9e591f886b0891d7fffcb273b58e723637a9
SHA51270c26cbdacdd66a8c53c9d53177e8d8eda8c2b922a032699a61379a964635f595959a2ce8863ccd130238d76bdf8e8a74c1260bb2fc38e29591bbf6fcfb77e8a