Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
15/10/2024, 00:41
General
-
Target
44f979224ac282a4b746ba28f8415c95_JaffaCakes118.pdf
-
Size
86KB
-
MD5
44f979224ac282a4b746ba28f8415c95
-
SHA1
292c42a43dd069a746fa999c23de82ebc8ea7380
-
SHA256
baf143995b8f23eed10aec813c52445ce0998ea44413850a70be99d076c3ce08
-
SHA512
92e93daca424cda82778a16c059e99d3e6a66a04b782d47b092a3bf48da0b27815e6a4add8d3f7451fee41cc65cb073dda07b454bc6b75352d49b653159d5eb7
-
SSDEEP
1536:j9zDfnE1kljyLu3sj+4HeYOE/Q9mSdig7I8XWapOtQHWoi8yUK0skqyc9WpDQtzY:FLESuHj+QeS/QxV4tQBiSKPy0oQBNW
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\44f979224ac282a4b746ba28f8415c95_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5e424c8f5202b91569b3ba0d137a9b67c
SHA1f3ca863530b2ea71280582042efe4db8dc1c1853
SHA256c0a995696795529de9b6595662dfe0467eefd98efa21a9fcbeba99a6622a3ea1
SHA5126ed85973512f3ae7f2f6ce7b33cc61baf8b83e296e5b29cf2f3fc2b7b72de8b762cc841a3330f6591f4f67c565a2640a0e27d574c4e075a7d730d6c63392076b