Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    17/04/2024, 00:04

General

  • Target

    f49f6a5d400ef1dfff477a6bd62f7e45_JaffaCakes118.pdf

  • Size

    155KB

  • MD5

    f49f6a5d400ef1dfff477a6bd62f7e45

  • SHA1

    761f8366781baebcaf7c006f320b470f8fe0f030

  • SHA256

    8d41135ae536a2d1b489f946026a6587422bfdd60063c21f983245fd57298083

  • SHA512

    ef742229959d44a58d34c92caff3dcb4cb1b9d21f6b09a337df1ce34b8e21d7f3ee4e96799ed0003365e9c5ff2f9002df19426e2da58f0227c71c4fbd46a53eb

  • SSDEEP

    3072:i4RP9CO+MIp2g3FZErYFKeX7DiSJmJTyAqxGPFkKnWvHXtQO3xe6zCws:3P9COVIvZgeXntITyA8GPWVvH33cT

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f49f6a5d400ef1dfff477a6bd62f7e45_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2412

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    570d8323690d5779717c3f2fda87a1b9

    SHA1

    5a1a92ebb2c2b832a49d43aeba45d2e21e6497c6

    SHA256

    6aa19b99e4e3d6dedd392334cd9fe7a507525a39a3c4753b099d11c345053d07

    SHA512

    808618f09c5158d6ecec68dfbf055ca572fb052f2b51bc4ae09cd19ef0432c79ff2bc78121156386f2690852aa1e039ad317db4db3bb0a10904b7b2c3d5355c7