Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    20/04/2024, 23:19

General

  • Target

    fde1fed48e25a18cc70b1d065f2a057a_JaffaCakes118.pdf

  • Size

    78KB

  • MD5

    fde1fed48e25a18cc70b1d065f2a057a

  • SHA1

    d138e5f1a9cce66ae61f9975c2d9f011dca45244

  • SHA256

    18051c409a7fadc7e73d5107dec938c346674d0182b8c6821e9c8d1ed725b202

  • SHA512

    2d7088854cc1cbce24cad4fd934bff1239fd30b59daa69c8bc7141143361ffe24b09a57e836e588e1678fe969c1f80e1aa4dab65b89012e6740c9c075c7933a1

  • SSDEEP

    1536:SMR6WzH8RS8OyKjJtlDUYjeGtaRrFdul0BPmoabYl43pFTRSB35:fBj809rjeOa7Tabk43pFTRSn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fde1fed48e25a18cc70b1d065f2a057a_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2436

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    24a84575482bc92774e3f8f3f5c67306

    SHA1

    f3c6e5a36332ca8980d92e678b85b87373f1e46e

    SHA256

    4482a4910779b203ca99f6051417ce761e4cd74f888e3db82c9c4cfd394d4911

    SHA512

    354deda39ce44918589025a17cd1c1b0e5b3bd61a7be46a58e8bd380a546bb1113b3b32ae142ae29371264c223df1fe17b498c4b19e164aa0706e35e1fdb24df