Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    29/05/2024, 15:08

General

  • Target

    8127f1df4a23369a8da1ccb19f6d0390_JaffaCakes118.pdf

  • Size

    40KB

  • MD5

    8127f1df4a23369a8da1ccb19f6d0390

  • SHA1

    3ae6905ad5bd480f6f0bd4c98b1b8454107ea502

  • SHA256

    daee5ec14eac9e98bd09c7eb109c3f0f59d7e839a705c4f4fa9d717580fc9f0a

  • SHA512

    782e415150b9a42a52f5f0dbe629226cfd8f9b617845ca0ee0568cfda9754be7726af287ce52f4c79861124f3dd8a00257fe8dd84df4315a1119c8fb18cc728f

  • SSDEEP

    768:+JiQGzPXour39Xbm7XZxydncUSl1ZrdKvACclTSnSECqPBgiV9p+WWiaTWogL69r:QJGzPXR3mNRRdqPG6haTWo796cYo

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8127f1df4a23369a8da1ccb19f6d0390_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2964

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          5c5a95196b8daa3baca749c195327b14

          SHA1

          3186d6bb39eeffa96104e05cab1302ee5369eca1

          SHA256

          95d74a3ecd80ef871de61700c4927d7489fbda9a96ae646945192733d1561a2f

          SHA512

          886ec4098fabfdc1d116f5f6b7b51f4c27986adb39e7c883fa989cb6e1d3d7ecf9d376c629ae940b24d1190f2952a78232f587cd615793de47d7f615d6601671