Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    29/05/2024, 15:23

General

  • Target

    812fc1152186d5e357bf97473f7ac436_JaffaCakes118.pdf

  • Size

    15KB

  • MD5

    812fc1152186d5e357bf97473f7ac436

  • SHA1

    12e00b32cb7e13dcacccb820751769c79265552c

  • SHA256

    e341582b6e90d3a6c95d117f4d74d4afcf51755f9e96263dbb3408ed5776cdc1

  • SHA512

    d7c56d32be06c6f2dcc383b21334b95a29a407a50113d028fdbb5d62410926d3d9491730f0acb5d8ec2afac6bc7aa5470fc3b83976df30682f1bb6f008a84bf6

  • SSDEEP

    384:VzQmQqiuz1mHe0jAjBFm0SmJdj7Yp884Mda3xX8/GBw02Lr0Qvn5x:VznQqfz1m5jgBFm0SmJ97Yp81MdaBX87

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\812fc1152186d5e357bf97473f7ac436_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2072

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          fa4ce15a1870c710875a89d08b05a477

          SHA1

          99ef0582d474e47a59b8f435a00ca65bfc02d78c

          SHA256

          4fa3a62fb65e132abc04b0267263da89fc342844cfc270edbdd2cb65c82dbadd

          SHA512

          fbf3f7baccafdc56108d4eb2092dda3795e4f8d4fdbe02d8010abd9a88237847b7a263ddef91e781e8ff40584f13f2fbe73b31b2b4fa5c4d55577782944f9440