Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    02/06/2024, 01:42

General

  • Target

    8c7f374efb7ffc149a1bd5a812ecbd3f_JaffaCakes118.pdf

  • Size

    52KB

  • MD5

    8c7f374efb7ffc149a1bd5a812ecbd3f

  • SHA1

    cdcf21f42f7e3550ed935638711a7e99d1d3a052

  • SHA256

    d7a101e5dfd0fa44de2f00acad21d5fab75b45b64693e0e4708e4f7d0972c1a6

  • SHA512

    6eac0d89e5becb1c02f6ce40bdbb3437115cfc19d7e70c664664840be02542cb00a16980f24f79b234c0849230ce9357c02d71c5a79781ef16e369de99c1c4ac

  • SSDEEP

    1536:0GFPF+xq0s3znFeWfT76yAaBwyrcOTmjMMmgI/Iv:BFPv7r4WP6KSyQOTKMRs

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c7f374efb7ffc149a1bd5a812ecbd3f_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2924

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          3fe30e67a2abf2087dd96e3cc04c34d7

          SHA1

          7551071ca9b204b3960acdd0acc340a82b8dbe70

          SHA256

          0f0e3193d071f67c90fddf6caf7866e7426b67bdba813c185f0864f8c2427370

          SHA512

          5f9e303c9fdf85dfe05303292063ae032bc099863b8625e4a83c6c0ca80e172955f16026057e6098ee09095f04daf902aec202b9e1442f9a4b8f25bbedf615eb