Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
14/10/2024, 18:54
General
-
Target
43b1482bfc2545ca161d50d0f6cc9033_JaffaCakes118.pdf
-
Size
89KB
-
MD5
43b1482bfc2545ca161d50d0f6cc9033
-
SHA1
9a1ac699ea677fb76d33bf56303db981a81b0c8b
-
SHA256
95339714403a5c29fed0309f1c38bd95c628ec7d39a5fe0cf6a9875861afa81f
-
SHA512
dc0258639f2cb0a495cfef731178ed55f6f157fc3bdaf656548e665ee298245dc23384f8fd7bb8095dfab6266ac7f963e4a8917d9af1b937c8565b8f3e477f95
-
SSDEEP
1536:Io2EJiXWKlInoK8OwKN9IFc+9e/r553ybf/M87TfKVKPnXllq8lto1NZWbpONiW/:4rmwKp+Sr5dOf/rPyIn12NbNX3uM
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\43b1482bfc2545ca161d50d0f6cc9033_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD55788fa330b4dc7d9a38e046251591a93
SHA1d2dc6b751e9f4a89c541583a133309ee6510714b
SHA256498ea7d17d2c2c9337d48f9a5d6c24decc12a1d85c29dd55cd7cdd1e9934da60
SHA5129371311b665e73e7c3697bf890229adb41627e95f240170f2ff6457d8af81ab7596caf856d2e81e098e65b0de6936eb373df5fa128f7e22465cae71051cbe872