Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-03-2024 08:57

General

  • Target

    01b93609b7e50dd2cf4441b0632659e0_JaffaCakes118.pdf

  • Size

    75KB

  • MD5

    01b93609b7e50dd2cf4441b0632659e0

  • SHA1

    09b192e4be8cda7f846a0f3ace47242782998420

  • SHA256

    e58e4fe7bb9a72ee36396182377ffcf102812fcea23cb39c2f2573e2e8bd55b9

  • SHA512

    6a4c5b4bf8b09ac7dc3cbc317359af8823a858d74b9f36fb65097d1803e0125badf5cc5365d09f70c58f9eab47f5a5807c87e140532ba64e6264e6322df57544

  • SSDEEP

    1536:6Q0m5HJMKzBnKgpYNd+NyxzWjkCWHpOvTWuO8iAt764cL4rQg:rDNmKNP2+Nyx7Cvr9iAt7Rckj

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\01b93609b7e50dd2cf4441b0632659e0_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1372

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    8da2ec13070077de8ec9212c49abe467

    SHA1

    07b6500b7fe3711d68933a4d0c4807d123821a0b

    SHA256

    b759607bc1c0a90f16a17c7d270315b4cfc7e03370db90ab788d9fec420bc987

    SHA512

    aee1230f8641474854b2c2c0cd68907763d4ed6657d00e7bc4d8e5b730903f17487305ddc70a03fa5325cac7f292bb01b3e8a5971edcbd84c36c02b85dd7ef84
