Analysis

  • max time kernel
    120s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    26/05/2024, 03:49

General

  • Target

    743dd254e0a068325554c1a9e44e083e_JaffaCakes118.pdf

  • Size

    187KB

  • MD5

    743dd254e0a068325554c1a9e44e083e

  • SHA1

    c55ecc5b7623ae4f790d501c681d0c056fcbd48e

  • SHA256

    caa09f4e8f90f530903ee777bf49619526cc4164a7866a6c4ac12b61d3832e68

  • SHA512

    d0a883cbe76168c35a5f1aae5f2ddb46bbbe14d8f3e6c1cc4ed9b8dd0807b10c73a3ffedbc021718ed0baf07d55067ecb50704a040f700f1e945e7c8e073b9b1

  • SSDEEP

    3072:92irbxzGAFYDMxud7fKg3dXVmbOn5uE6KjnnQ5srdqqO5DKvpAGUW7SJ:92MKlWQ7Sg3d4bO5Q+wvZKRAl

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\743dd254e0a068325554c1a9e44e083e_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2892

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          0eff0d6366321221244fa65018ac80a0

          SHA1

          e7488af36f123e8932d73401e435f5cdcecfe457

          SHA256

          d80d30f23a71738a463d15381a0275732af4f47d83f3a9de2068ca0e21f97058

          SHA512

          bc1a7405559e79126dd8301cdc6fabb7ad334ac661ee92586f9cb5d554fb3e451b4beb894837d59444504cbe200ae2a47f0559889a6ac028e37fb3597c367afd