Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-05-2024 18:17

General

  • Target

    427503a469a220f4f53b0a5057c89d91_JaffaCakes118.pdf

  • Size

    31.5MB

  • MD5

    427503a469a220f4f53b0a5057c89d91

  • SHA1

    1f8dd65fe53119bb818ab56e0da4eadb6abc1927

  • SHA256

    6bbc4ddc770e0f8841f478067d1d33c2d51ae6eafae50f50d9d92a95e4a51b16

  • SHA512

    22da4880e3e338c63f7bbdedd1754cf05159fc6f74014009bf79de3cde936a83c17a35d28c206ad774488b37fe7ab9d45f03635c14133a5bbafa704597aee46d

  • SSDEEP

    786432:eLE7dchkNX74Bm9phF87B3/5r1AkiT+/OROD30xsHPAzqOwJXwg:z7drNXcBmnz87BPBUTxQj0eHP4q/gg

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\427503a469a220f4f53b0a5057c89d91_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2872

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    aae9eb054b148e0c7443b408ae5156c6

    SHA1

    3eabf0593e98a0daaa328ddcf3c7cf8f51ea896f

    SHA256

    4ae64ac06397f43e0196df92a8ed1d8f987073aec8844ade001dfcc306b0680c

    SHA512

    b869e94810c5f06b8caa5952b7cf5f44b1c0e14391af149b3989d4eaa04ba042526938f1325401e0dbe2fea1503c41a7456e3bba4421ec1299becb85e646e7a6

  • memory/2872-0-0x0000000002DB0000-0x0000000002E26000-memory.dmp
    Filesize

    472KB