Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    17-04-2024 12:00

General

  • Target

    f5b8680e0ddfdd3694afe2d88c80cfb7_JaffaCakes118.pdf

  • Size

    71KB

  • MD5

    f5b8680e0ddfdd3694afe2d88c80cfb7

  • SHA1

    59ab3460c54060116cd886cac474b1194a5123ee

  • SHA256

    640e3d7412c5980596b9c223a3d473632f0a008e8e707cabf3cf374ae7cb6da6

  • SHA512

    da2b7b0db1885d8e45650f9dbfdb9fecadae4e427a6f0bbe3988462c631ff484df4b672fcd78a0e85182693350ba69542290f1205295b0c9053b5db225c8b4bf

  • SSDEEP

    1536:sYHaX7HxoUFdQAsMlS//tGcBvHhL0sWYpO20gJLYqWki+hodxty4:d6rHGUFdQ8A3BvHZ0j21ZYZ+gr

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f5b8680e0ddfdd3694afe2d88c80cfb7_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2948

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    694a69c29645376c79b33d140ee741a9

    SHA1

    058151bc03aad26f94c0d4c9aa2c923c5a5a98fa

    SHA256

    da6f461b8441a2bea0727742253e8a43ef2e0c3eaa6ece60d5ab44528607132b

    SHA512

    db3ca028c904f5b25031a61e54f5534bf815d7f4e4b7e9ab2b6435b7764073209ef628ed349a1457c03407db2b6158ef6c49611b3b5f3211494aba8b87e057c1