Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    17/05/2024, 07:57

General

  • Target

    4f1533b022c105b8a6fa2a0cad6226b3_JaffaCakes118.pdf

  • Size

    185KB

  • MD5

    4f1533b022c105b8a6fa2a0cad6226b3

  • SHA1

    123d7c23dd42b63c3261f06fdbab892fc3072b0e

  • SHA256

    5e9da386965086c6a8fabd08222ecd7666d2f966724b44d7c489235641735e7e

  • SHA512

    4681f4583b56796ccb2a3e330982a77287f78d0d522ee96295586b685e9d7530d56caaaba130cd38806e98a1619bfb53b160ff67bc299df7cd48f49fa0f42075

  • SSDEEP

    3072:Q2irbxzGAFYDMxud7fKg3dXVmbOn5uM6KjnnQJJRo9jJd8MXCSS:Q2MKlWQ7Sg3d4bOhQej5Y

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4f1533b022c105b8a6fa2a0cad6226b3_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2168

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1500f8ca983f9e97476250dd8347c730

    SHA1

    d3001981b143ecee9b3457c169da8a6a34c0bbd6

    SHA256

    8d0d4cd5a7e7319ba301f66f4a18a9e1fdc6418082b3850b6ab2be3021450aff

    SHA512

    24a52b97d8f0b4265af4af3c15f35d66575f77acfa5e7a61714cd635eda05029f6cd1aba4af66c43bb2a2df5f6f2c47dbfbf66c5a1606f81440f37bfa1916fb8