Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 08:54

General

  • Target

    802bf45e55e2709616810fb1706269b1_JaffaCakes118.pdf

  • Size

    42KB

  • MD5

    802bf45e55e2709616810fb1706269b1

  • SHA1

    810a98b96c85014f5b5a855bbe7f9f9ea6e1509a

  • SHA256

    123b0a46d88a9af676b90a311deee5ed35d6e48882928ae9646877079b5c04e2

  • SHA512

    826d2c1c1f9f526bf9b145b487574a3fbd67aa3cd1437fdf7f17328aba3df712fe7f8668cf89da4757a7c204cf9479a623747d61b045d934aab19f12460beb3e

  • SSDEEP

    768:RgGzpDQpX7Luub8xM+kWVK/sb77XxMtKdb6Sced4oF0rDw+MkDD9yiaDuvb4mPG/:iGFEpXGq8xTK/sb77Xx8KdBlCrJDYia1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\802bf45e55e2709616810fb1706269b1_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2184

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          52a40722e20f206e89e2bbc72ea20dc0

          SHA1

          72efae48230f97c3e2ef2c8a8d40cf3ae10288ce

          SHA256

          eb301bb29f253d8cb3ba80bf37dd4332e613c006f14cda324fd525ae9f40f88a

          SHA512

          c4b9eb86212b1ce701f320416a3a5780e64d0dd33bbf109ce8286ef06f8e9b193c4c8e7a7fd68a162b708d7e3b49dcece63af308210aac0c695293fcc44a468c