Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 14:15

General

  • Target

    846f6e11f2406715467168008f3f2e37_JaffaCakes118.pdf

  • Size

    14KB

  • MD5

    846f6e11f2406715467168008f3f2e37

  • SHA1

    b445ff053d1a6fd5af5a664c923acd663ba5adb3

  • SHA256

    5860f4d7b35974a9845c7c0dbf6f97c5d5fb026928709fedfc2955b245f922cd

  • SHA512

    1bbbef28284d1b9fd890f48027048fd2426c0ab29505cf0656cf205d2a0220fde7570fe9cdae7876d47440445fbb48510e8c76f1c6f982840a2ac59895139c54

  • SSDEEP

    384:VzLP9Pz1YDAhl8A88ObBitQkHI2YhRG1n9EEqQrTw/G53dnPhAMM/FWPR6fvVWEw:VzTxz1YDAz8AXOlEQko/hw19EtQ3wO5D

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\846f6e11f2406715467168008f3f2e37_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2068

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    41d06018f23e499d83f61454fb400551

    SHA1

    037c1dc31e4f38127e09a3d41c97acba1c92cc6b

    SHA256

    318fb75e398e9dd6b1205b9eb19c2d3d5ee25b75d42d7dfd8cb34e754a10e4ba

    SHA512

    0394e78b0d8de9ed6c55293d7f32ca6cb46f837dd74f71c8bfb9fe6ca8b598d33e42a115128362555148e8a47e4540d847b7090d0888f74360ac1c9d91abb4a6