Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
17/10/2024, 20:31
General
-
Target
53969b7f9f2be3a8d4edb4548d8d6d84_JaffaCakes118.pdf
-
Size
85KB
-
MD5
53969b7f9f2be3a8d4edb4548d8d6d84
-
SHA1
c47e2b473193b9dd6acac75e4ca282fc93b60034
-
SHA256
aa2c62eef77bc595e8f141cf73b16692ec38f8969b1c2648d0615472bd4c4ae4
-
SHA512
105704ea225694c8d72d7d4284586b6238f8e8b7c2c3153ab0e02fcbcb64f6a8b5dc507968f0f154fc8ef22cafdc0336fd1eec74bc550e5e0a0e1b13cbd3c03e
-
SSDEEP
1536:oFGxgqw1NsmIaWhBEdCQ/Ai0c9qOxSZWycjA8zU8P32kOz6Y2Xs8T1zGuLdR:bQ1qQDCSAi0iqmSZWfBGkM6Y2TT1zGuH
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\53969b7f9f2be3a8d4edb4548d8d6d84_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD53e3ca6f5c119388b61468d5de607e73c
SHA1d8bbe0f3ff6a9fe568d36bed9e59c3ac8b935b3e
SHA256b0c1e720dac3c39ba1cd89b6631319d9f77219f8e23f4c270b67f897bd05346b
SHA5125230e66c8c3c443fcdd9368beb0747bde3271fd8773003451df994b6cdf4027f6629eef7de3d3106ac5027a01eaa4ee02f19704111f68535aad31363235d5108