Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    15/04/2024, 17:07

General

  • Target

    f18e6a4135b7d04f22f201c4b17163ce_JaffaCakes118.pdf

  • Size

    35KB

  • MD5

    f18e6a4135b7d04f22f201c4b17163ce

  • SHA1

    cb3a9d253f9abe1bef7e64e6c8e02a81c9571b8b

  • SHA256

    94b598baaa020216c1e45ce78f9269c1205424b678028ea6ce837cb60cb2cd50

  • SHA512

    e01756ce6bae593473de813adffc1328ebdb5dc64134c01fc6fbe8dda6f0943487897fc231a9b4effcc6b805e3e1fdd2156c05ae24b56690510bcdfe36d71186

  • SSDEEP

    384:VtOtk1vCUClIsis+YvSOHZPo8leOTk+orgPCUSoGSaTfSnyG6cgah9XPRTh9CUS0:VQtC3ClIsuGPpldoimSSaV6NahRPhnP

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f18e6a4135b7d04f22f201c4b17163ce_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1656

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    952f7c930b6db888d0c98988669e2456

    SHA1

    80ba8ce07b9b532d08f98eef2853e5a4f79cd421

    SHA256

    442b593ce77891e8205e6600287935f9737e33e53e5c6ed5ad919fd3affdfd20

    SHA512

    2dbe5387ed18ecba648e0ac9d53c52f584a2e4de37b3581e313e06d08e2ab837bdb94a70a60bd3e94339c5eff0cf44246775f7e745cfde4e9ee6434ffb08d8d2