Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-05-2024 04:18

General

  • Target

    69b4b689c03a6ee7bbd550d9a089d503_JaffaCakes118.pdf

  • Size

    44KB

  • MD5

    69b4b689c03a6ee7bbd550d9a089d503

  • SHA1

    3f1f239b0d15d6977fd5fbcf1e47bfe3ddcf0dca

  • SHA256

    f45831ea69942f65c6add14d45bff0d47117729ea14290ea9ed816395ddbe3fe

  • SHA512

    b34fe2160134c2e32c51fb2f560a5b0609d279359a035ee25062ac97903f6c8717d44939fa42111cda06f65578e40a6b0e285b7dcec0084268a4b42f723a7358

  • SSDEEP

    768:7yIi9KXfYtPyYBa7A+L389gXkNHB0TCocoF1+uTbEu0IoOgeYxt8lHzXuMZmwgCf:akuxBN+L3K1xB0TCocoFsuTbEu0IoOg2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\69b4b689c03a6ee7bbd550d9a089d503_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1044

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    bcc048743986201552302fa8edf37688

    SHA1

    2b971b2306a4d9cd56ed764f1a5b7574f9953f63

    SHA256

    f4826bea48fe8e2027a8e02ac696402324101bbbffac5448618e91c92c67410d

    SHA512

    1911611803ac28640fe2d80119ded19e67f0cda45d600c331982b284a4e1808059ca1c75a930b43de97f5eb3b9f9cfa0af5ddef76caacaedd63a87a7fa255e75