Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    29/05/2024, 15:11

General

  • Target

    8129d57e2bddfd072509b5d3743c811e_JaffaCakes118.pdf

  • Size

    28KB

  • MD5

    8129d57e2bddfd072509b5d3743c811e

  • SHA1

    cc0668672331d51184d47b616448c6d23a782870

  • SHA256

    a74b149d2dea91c90f3c9d4e8995dad6ca1c445eb2decca409dde31a34449c87

  • SHA512

    4d07a31752872d3d9d6faed1a44cafe85464145de31f67d3db7d99ef1b0a9e5367530be3c96358207a5f819f4bdd0d4ee6ef77231f528e9964ba766a76454987

  • SSDEEP

    768:9WF7v0yesxXgp8x13PRKOMOklTXak2sDKP9E5vXuMZmwgCLWarjJ:EFzeuwp8x13PRKOMOk9Xarr8XFZmGWSF

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8129d57e2bddfd072509b5d3743c811e_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1192

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          c630f77a2258ac53a1556c166bcba2a3

          SHA1

          8ea3cfb40a3853fa4fc1a25d3edaf879008156a0

          SHA256

          4d11ba0da9579db225ac78c76b2d9218e756a6d9b5fe058f915a59113620f8eb

          SHA512

          50e8785771582ca5268d808437833344595502665955c4978da935b0d79eb23149e07acb174d04403731fcc1d0e5bae4f9fd4f92efeed6c2690b56fb61d78679