Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    04/04/2024, 18:06

General

  • Target

    bf2286dbb9847051114512a9189b7c5a_JaffaCakes118.pdf

  • Size

    82KB

  • MD5

    bf2286dbb9847051114512a9189b7c5a

  • SHA1

    a53e1d9ff3cf86d515f1a4d3927e46ff6401936d

  • SHA256

    5a79d6b80476e880fcfd00fab51c21feda15e0284692d936cc6df014daf2ee2b

  • SHA512

    084a6b432c874a00a8e840cd8e45b55f36a6b6c2b0580a1071c6704cca941c49b8cb4eb071b526bbbfad5297bd65c7682951ef120c7da5e9b7fe242e34af3275

  • SSDEEP

    1536:MydE1S+KZsLEsIgklZWT9/w2X39kEqubc3uQMyXfR3QQbEWQFvR/tw1WOpOwr0Yy:jf3cIrZ8NX394uQMsfxm/twywr0fHZMu

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bf2286dbb9847051114512a9189b7c5a_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1976

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    9d8f0c92b397ec59812428d8b6cbe9d9

    SHA1

    fc36699940de0c23a6800de66466b4fecbd10832

    SHA256

    b4844b9d7a9fcfe49d3b5dbb961576b1ecd03bb18bfe55ab73122f116d349f06

    SHA512

    279c413b793be9accafbf0a4638437b47919c01d8434ca5d71d80e2d751a0bca5482886a724e5996b54393b471e8046c5c57f40afab0190be40270c7068011d7