Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    26/05/2024, 09:55

General

  • Target

    751a3cddf82c9c217e7cfcdd54b73540_JaffaCakes118.pdf

  • Size

    45KB

  • MD5

    751a3cddf82c9c217e7cfcdd54b73540

  • SHA1

    f43ebd9535150c91fa56fed89cfd3c9c97ecb064

  • SHA256

    a5f3122348f88f8d52a0fc317ca3a7a84aa1e6dcb98743368dd38df9ce8677e6

  • SHA512

    791389f354dff91020fad1af7d3252fddf4858917e4187fb78016f9b1e2beafb83ab9fa230f18d2c88ffacc4383c5bbdfe12e70995251f12d0b79e497327c8e2

  • SSDEEP

    768:9gGzpD3pNS9rI3rXP2vSVP2p+nMRVxtCRtbND9jUglJe6LSKeTXMktU4W1oo14yr:+GFzpg9k3rF4uRtbjRlJegWTX7tU4WBR

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\751a3cddf82c9c217e7cfcdd54b73540_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2388

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          c97b812d01418515030d30b99c1f37b4

          SHA1

          40cd70cb519d3763c274f9c71050adc9fef841a3

          SHA256

          ec7585ea9611f9270904180876215070dfb1a5ae6fdea8c32677e56214aa67c5

          SHA512

          5198e41d1217be212cb5e2b26410e842cac7fb84e25c4716b676c930b1912cd16449bcb6d841d5abaec4a17d56fed8193ad09504a07df4dbc44c84f8d878d63d