Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
max time kernel: 96s
max time network: 19s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 18/10/2024, 01:57
Behavioral task: behavioral1
Sample: 54da7bf10a9e120761ed99bc58190138_JaffaCakes118.pdf
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: 54da7bf10a9e120761ed99bc58190138_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 54da7bf10a9e120761ed99bc58190138_JaffaCakes118.pdf
Size: 87KB
MD5: 54da7bf10a9e120761ed99bc58190138
SHA1: 04fb617a45720b6c0cd46902cb2288f427253369
SHA256: d1d3d64d5e990b64106268a69fb8b9c98993ee8b5e3fe1d3335864b4836207fc
SHA512: 0588ec0f27bc0dd389b97c095a703428038ceef5e15f118ea13b9acec237cf1c9566e38b693b4311b2c908724a63c8925436c73c5d0525f3364783e653666425
SSDEEP: 1536:SqGgNaoqk4EUEzNBuPeFPF7tQLffI60h0eI68AWxApOGzWhxPtgEpO3AzIGyYnVv:HNdqk4zmNAKF7taSZv8Z3G2pOQzHX1
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2060
  Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2060, Process: AcroRd32.exe
  pid: 2060, Process: AcroRd32.exe
  pid: 2060, Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\54da7bf10a9e120761ed99bc58190138_JaffaCakes118.pdf"
  PID: 2060
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 5c46c3c1eec3c7be1b1cf307b1610d3d
SHA1: b7887e6e87b3c68b38c891fd85264626ba6b354f
SHA256: f1121001e64e4354c9c13296ff27e13f1c30abc2230eaa446e621be5e43dca79
SHA512: 1dc4193e4ba01dee8eeb6d36403ce36d34e7cc91771625946199be01c3671cd6454a20f2b0a02d730a9533a6bb966685ff87ffc2aa3f8544361c7f25b163e0cf