Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    29/05/2024, 15:37

General

  • Target

    8137cd0a6eccdbd1e37aa360860076a9_JaffaCakes118.pdf

  • Size

    27KB

  • MD5

    8137cd0a6eccdbd1e37aa360860076a9

  • SHA1

    420550aa0518a813b6bb146f3540dafe1bcc4bf6

  • SHA256

    be30e4589efc4881bfc2a337da262e4575b0d8d334978744f47ad4ecf61e9ddf

  • SHA512

    b3a0c8e8db7dee89e61c8941aab2490696e86e238a0c3ce4f0f5c22071ad4db75ef4ff7642be2a8f51c943f21e625c4faa905f29f153ed387a23cc665b7cecb6

  • SSDEEP

    768:tXuMZmwgCLWarOI+BAEtnW8f+2tzWP7bsNI8FNo7qqdqTWhiBPrIFM:tXFZmGWSOI+BAEVWY+2tzWP7bsN7FNok

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8137cd0a6eccdbd1e37aa360860076a9_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2848

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          aafa208984605740f6658f6c4e38246f

          SHA1

          dd9f776b40331f9fd02e7132f0e4c065b266910b

          SHA256

          466035921bd6eba7a79a75eca2aa578d146cd78addd832d0cf2e2ca1d149672b

          SHA512

          b8b640a8664d6b12d79b156273a9d22bca533c885ec5bd981e53da2cbbee8f00c705d2242131b30c3233ea15f39ee4d42ce4e557b5cf41c2a2a399cb1a533848