Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
14/10/2024, 13:42
General
-
Target
42973f0029130417a6d68104b47fa62c_JaffaCakes118.pdf
-
Size
88KB
-
MD5
42973f0029130417a6d68104b47fa62c
-
SHA1
60b304aeffa355178ae6d071b24a6e25e9169cc5
-
SHA256
fc06ff0c601b994c3a193adf0be3c9034b77ad37b400db85f7111c94f3a61229
-
SHA512
ad798506ff557f22ffca955bf1cecdfbcb59cf7c275e0a37700885cfceb2d2f39a3a295bb317fac64727c832a51f14a064ea8ea858be1a8457a7909906a8af9e
-
SSDEEP
1536:z79pr/lEdGAn/dNYRSEGkCG4T0FivpyiFNUH2ZWx1WkNpOPaW9ySS4bn88xAYNaK:f9wGAn/vd7kCG4T0FkpyiFN4oWx+PrSs
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\42973f0029130417a6d68104b47fa62c_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD59aa42ad9fdabe2049f6bb74469e0671a
SHA1d71a9caee431a385eadb804bc1f1ffd79490322f
SHA256cb74f27d34f25026c6ed50d3d865db6772669f7dd784e300fbcb44d95c95e879
SHA512f8b41527979433672ea57b99b0f31be4d9e004619c8220af1b65495d714efc6845171e56cfb01641febcfaec6983bb4281fb9156ebaa4b250f75fc8a5dde18f8