Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    21/04/2024, 10:05

General

  • Target

    ff08fd6b2b3b2cacd1cd38fc23e2e567_JaffaCakes118.pdf

  • Size

    93KB

  • MD5

    ff08fd6b2b3b2cacd1cd38fc23e2e567

  • SHA1

    3df4b03084278ad1efef2c0ee401b807c53f8020

  • SHA256

    f544be097e5083488664fa62326b57a8b5540ea2ca0d5abb08ad4afa7163be3c

  • SHA512

    c95e84e25810f3884914684f171c75b2a817518860d04935483ad7066be1987baae3805a245fda5aa763a63e13f2d82689a2b6960cc59f7d583ba06993de3500

  • SSDEEP

    1536:Y2Fjdj2xm9AVwIhyCpLyQd1H8QLcw70/KIn862SEaoWjGEDfIuKWGpOGoWjWimue:5jam9MwIhy8LTdSQLcyo7vh/6EDn3GqD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff08fd6b2b3b2cacd1cd38fc23e2e567_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1292

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    9c4c01ac5ac6e1cdeba8d28f253094c8

    SHA1

    d1d2e6df1329b2e97751f9b4ab4de5644a507288

    SHA256

    685644c9f2fcf2cfe02bc1494a8bc21d5fa0e3e1417ea8f7fb5c3ddce0d44ef9

    SHA512

    4e2ef08abe49c515c48cbc4182ea3904c38570bf2040756786cbfe0d9cce90dd26b36907851bd5555068065f1c2a41c821613892e1529fc9f1b06ffc5b67a983