Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
18/10/2024, 11:28
General
-
Target
573115820dc3780de2d57af5370dc89a_JaffaCakes118.pdf
-
Size
71KB
-
MD5
573115820dc3780de2d57af5370dc89a
-
SHA1
8fb1447df2853e1165391aa98f48468fe3a253f8
-
SHA256
895005b3665bd90b44b4d96bbde209ef3c20107ceb42aa48fafd99168c392316
-
SHA512
6245ab2f125735e0349dbb3239457f9c5982d2e3a219996c07614fdc680dfbc84406d7234e10a8aa48f015dc6b0f4de8d920d1ce8d157c278902ba4d4ade9b52
-
SSDEEP
1536:U6xC7NMMb9AXd173XPoYhhIKfiiGd9yT6yp5eDljycvP:lxCZNJODzhhIqiOT6yjeDZNP
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\573115820dc3780de2d57af5370dc89a_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD54bff78794b67ba54357e94bf6337dfa2
SHA18e136232e3feed877c0e59f3a21687189ba86cad
SHA256ab5eccfe87b06a35dc84485fb245043863897c71b738dc2eb9e2fc7c1c841200
SHA5126bac71a91f80e3b4887c4e644072599850f6eff6f62434697c0cfccfe4463bf0e3d39ab0b44e2b83d1c10282e24df7948be4aea35d325104c9484354ee07aee4