Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    16/04/2024, 18:56

General

  • Target

    f41d3c5c58cf04f2c95b66cdf61fcd38_JaffaCakes118.pdf

  • Size

    34KB

  • MD5

    f41d3c5c58cf04f2c95b66cdf61fcd38

  • SHA1

    a665da0c2dd4f83e4ed74105a618045b7b640dc6

  • SHA256

    f4728768d18cf124c4d67f03199d902469f487a7259660b48a7423b2da3134c9

  • SHA512

    746efa5e885f56be87d3ab73c41adf776b7acb6013c4b0e0f0636dca1f7d9d5aa3f98ea4e9599a6a04b6e3241bf1cb5fb5948429b27c60aa54eeca459bd15bb3

  • SSDEEP

    768:XvtIGo8TsU5sx5PZTRbNOTlWAAXoy8EBxFeihV:XVNo8TzU5PZ/O/AYyZ3hV

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f41d3c5c58cf04f2c95b66cdf61fcd38_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3000

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    2ae0c33c6e874c6e3abcebb03fcd86cb

    SHA1

    915a1e1468aa16adf985ca713ed200692a6f2c45

    SHA256

    16a950febd4f35a0be6a43a52fa57f8b3de2a55ef9e8f7932762108e4fd19354

    SHA512

    614762c5a6310d5a30b3d582d07f2c66ab4ae5584d3323194e84fc6a9baa03380b73dd624265cc8d212d65a0477a4076c5f7dd2101629a7400189a1d8d94640c