b399abd40d4c1f83958b25c2f2d518fdb7e897cd473c52ee919369fe3948ec31 | Triage

Analysis

max time kernel
121s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
20/04/2024, 08:36

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fc5ace0f4e27566376ccc45dcaf92f6a_JaffaCakes118.pdf
Size

102KB
MD5

fc5ace0f4e27566376ccc45dcaf92f6a
SHA1

408c2d53aa18f3093d9c8adb6d8d11ed6cc5e14b
SHA256

b399abd40d4c1f83958b25c2f2d518fdb7e897cd473c52ee919369fe3948ec31
SHA512

8955aeb315e443c4d22394e37b14dfb5bb6f5f96e68b78407e631b15fb9da4567353061780cdec3a31c6feb46ef3ded4bc923b8901076a4db9e8c577e80d8fa9
SSDEEP

3072:fUB7AzgoSu1A2v2KJus0xhhHvFQyasJnX:a7Azg1gNOki7Qi

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2184	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2184	AcroRd32.exe
2184	AcroRd32.exe
2184	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fc5ace0f4e27566376ccc45dcaf92f6a_JaffaCakes118.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
2c6ab7d2f693a4c28dc1353094d28b5a

SHA1
0ca9336bb8b7b039f8eb720f60ea8f966fa6633e

SHA256
10d3b0f51db5f8f9dc0ff098ef60435cc1b20cff99ba798ebdf9ed2a36f4dd3e

SHA512
7b2ccb9e70be45ccfb39664b37dd31dabf3d2115e9cecd261f90a001177582bf6af540e2a2e7725c56d97d0711fd17d92ba9635ac25352283b724109ce32d39b

Download Submit