Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
15/10/2024, 02:50
General
-
Target
4575b65a5e6a8d7ba06ac335a683bf8d_JaffaCakes118.pdf
-
Size
80KB
-
MD5
4575b65a5e6a8d7ba06ac335a683bf8d
-
SHA1
42bac926e5ce2715ec74881bd3343a8e197e4566
-
SHA256
c12bbf2fda46eeec532718907f4bf087daea8c9971e050b8037b1796f950d282
-
SHA512
eef55ce87ffaf4e85a0706017163795f95f3b6a6939ebebdc1609f11ac2151e9615e404ecb9ae038ad967d2cd920477f4ad48476028d4d1c8b203f2de9500753
-
SSDEEP
1536:0m3bwplg4BCBDaRl7kUVEqc36wYWYeCW8pOGEWwD4vWB2rVqy3/bHvMLB:D94k2X7kUVEqI6X3EGMDVWVR3jHv0
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4575b65a5e6a8d7ba06ac335a683bf8d_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5b7049d4a291b9e1a9d5f5268348a107a
SHA1afa018abbdadd1470f5c549132b945601c61d183
SHA256b5a3e235d0eadc9a373f26a49b22a7ece7940481d89f6d2554707e7db0494d13
SHA5128cf5fd3cd7d2f723e9b5b6a913c9b54cc17dfa79f9cc53d38c92dd649eb6d744291aa0dc37c4db3d6f8230873bc1641c1643bc407d91b212e57c314810e076c5