Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
13/10/2024, 05:42
General
-
Target
3e1e7efb998c4959d76fbe734912ed69_JaffaCakes118.pdf
-
Size
84KB
-
MD5
3e1e7efb998c4959d76fbe734912ed69
-
SHA1
c8d58543c07c1377b33afcb5bf1f5f7e348d3cf3
-
SHA256
b1de4dc3b80f28a8f6debfaa389dd6b35adf118a028b531836b5a544c485d1b3
-
SHA512
3e28861a91c9c6992cf7d44e49f55a0b07b9d6336eb88669c0d7389f416d565f5b7247118d422a452fa4912479cdf9dec4a4ed252967cd02867d4705a27f8929
-
SSDEEP
1536:NLsNI+SiK6atZm/naMcz+biMHOoQKWxZM4V1FMZym0q8W2eXWGpOKUBxqZPtWRE0:RkSiK6atZm/naMcznMHOo1WrZV12ZyFb
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3e1e7efb998c4959d76fbe734912ed69_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5bc6e8949d8a058c76a57dbe1b227d57f
SHA1db31590dac4887523fd1f77acdef54ee4dc2bf14
SHA2567512619ea01c872bc9552acf8db43a2385406b2632d5808b7c1c492599972a52
SHA512fbb93112f1644bf1ac5c8e3c4871ea672d6c6fd71d334793d301407605bd91596c087054b23e35e60882f24b8ed9d3405d8c27115163d53e82ebf164999bae81