Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    04-04-2024 18:57

General

  • Target

    c026ccc2a21d791180044ae0569900d3_JaffaCakes118.pdf

  • Size

    92KB

  • MD5

    c026ccc2a21d791180044ae0569900d3

  • SHA1

    e859808d3b14d16be0edd97222aed68f013d7302

  • SHA256

    6f00fe76a797bc0789d585c59bcd105cdca2938cc3c24f1d16370db356cfa5b5

  • SHA512

    53a843b3a66e0edb174c483d07823b4592c2d354dcbc0197613c89a2b719f641244a34386ea8d5eda55ee0a1fe20e6aa1e177e9cfd9f810390ee8ff81f35bfe6

  • SSDEEP

    1536:7kLaMkx/8uhbzP4Gp545MHSuiA4QtcfgL9Uk0ZWbpONiWebTwgPgcgSJGa/YfDAb:IHa/8u9C5duiADifgUHbNAbT/JJG17Ab

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c026ccc2a21d791180044ae0569900d3_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1640

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    060943f497232c37d1d00dcae5d6254b

    SHA1

    b381a6b0fec054f2fbe25b100945fe136bd4034b

    SHA256

    7847650c418c0873e2e98b164dc224bbb4ad0b8f3baeb26a0c228c7526fc947f

    SHA512

    a942b871a4a3e897515c84b77de6407fa3c57fc945f62aecf7979f9b1009bb91db7fc238dc43cf857446d8b7746232569e68a86a5347c6d0662ecfd5d594b8d5