Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    22/05/2024, 16:33

General

  • Target

    67e5e9ad8caab919d353108aec0aeeb6_JaffaCakes118.pdf

  • Size

    25KB

  • MD5

    67e5e9ad8caab919d353108aec0aeeb6

  • SHA1

    a086f31fcdf0fd6920ac05700cca68aaec53246b

  • SHA256

    ed91ca71d758578968998ade6d5926352b092ca96e31366cdf4f9f4052b8b757

  • SHA512

    bcabba237518898a36632fc59dc0087e0beeaf8c44f533f3dc5b5073f860af6c60cea0d786370a03e3844cfbc10ca3069c9cc7ce50832e00427f6d8bb347c900

  • SSDEEP

    384:T/QON8MUG6Qgw0JZCTzz02YFnarXp0NUm19RFY17/ZXsr8cNQSXJrYcOSCUS37SG:TXuMZmwgCLWarauO9TkTZX28cNZ9/6Z

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\67e5e9ad8caab919d353108aec0aeeb6_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2188

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          96461b962bcc68ca7647dfbcdf162719

          SHA1

          8a67fa8c0ffeb2de8162ad9a5f0ad288dddcea3a

          SHA256

          d6e7dd1c61e7969ee7c51c793f677fdd9da5028a6d3b26fabbee3d0d115df748

          SHA512

          2a029f5893b5dc28cecedd3cacd7a0c623b3c35b6c0dc0ff3f2c5b659ac5ce06f7754890f6396cd44fb49b6ca31066f9f316f5724fc95d9440eb839a8cc350fd