Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
18/10/2024, 04:07
General
-
Target
556524e79f23e29ee2c390f64c8276e6_JaffaCakes118.pdf
-
Size
87KB
-
MD5
556524e79f23e29ee2c390f64c8276e6
-
SHA1
2fea6614979e06201159319bd41f6c6874fc63c8
-
SHA256
474a93fc26e84a31d5fd415416d94b80a91dc39a235e041cc33177ad30a341b2
-
SHA512
585107e08fc03b73294ac9f731ba25ba5cd4b1a5be11c1e6dbfb1c93b79620948937f328f7a4da74d1f0944296863a7b1667a55c4c225aaa8b5690f3f3c7bfbc
-
SSDEEP
1536:gSDnJVIcTAm24KZUSRBa+iipt5ggOda+Qd3woRWGpOKZwKHJCWOIWKF:LJVWO0a+iipt5ggOygoGKyKHJvd
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\556524e79f23e29ee2c390f64c8276e6_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5030d43fc8bfd19fd6ce7c441c7e58132
SHA1841d0524843c5d170dd77e8b743b0a4b0adb5ce7
SHA256cefc0af175807dcaf3eeda11e1c4bbc5aa49d8cc83551da2c00b30fe0b964b5e
SHA51281419cb85fde027633cbc7d71da88519a84b153fc22d55dfa86bc860c860779d01fef7fccec0a5c6c2f6eec76d195c8cda2a135abcd74ec29d83c0028160506b