Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    22/05/2024, 07:52

General

  • Target

    668b26770597ac740a9ee809ca2839ec_JaffaCakes118.pdf

  • Size

    16KB

  • MD5

    668b26770597ac740a9ee809ca2839ec

  • SHA1

    df011134e0682c961092134e0e2a356c42b8dd2a

  • SHA256

    f5738d2162c67b7d1150a489a377f0cd5ed258b10dac55b6bcd3dd1df3ce8c4e

  • SHA512

    840c616447d3ab46d3a6794513fb84fbf332ac5fda4a2893b6f82b6566367124807576fc75145e19ec4b4ef4dc052076584fe41c69d6285b43095c2eefbc094c

  • SSDEEP

    384:Vz5rzmujz10arRMshl/5bIv7ukCr/vMQtghviNmrPg8xPdoBtD2BwNUe3bFqNfqW:Vzsujz10aVM4Dkju5sJ0srPVpdIM0NbI

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\668b26770597ac740a9ee809ca2839ec_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1608

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          e68ab88a1e6bdd37031e50b6f9bc5183

          SHA1

          4729076d522625f5d5c01fd50a281b054ee3ca89

          SHA256

          887c9d4f6274902259b23d19ceb197d15631795339bf2df332f15d3700b911d3

          SHA512

          80217260bd0d382ff351008f98c64e1b1fbccc55171102bd53bcce45a27d56ea30a6733f5f1e3b0100bec246f9739385a946a761b86ceced6cb702a942c1b5db