Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    02/06/2024, 01:03

General

  • Target

    8c66dfe64a2abb956f4ff6996afc4f54_JaffaCakes118.pdf

  • Size

    58KB

  • MD5

    8c66dfe64a2abb956f4ff6996afc4f54

  • SHA1

    d8dcc8de753249a295b5e82d1bc117d0b83d4c19

  • SHA256

    39a13ee05d72333c2c5693bf02444089ab68f8ca3eae43f1002f5c58461c4142

  • SHA512

    2cfda9b77d40a91dcb657c67510f0323df33b0dcd51325286bf983bdaa84db2966052322b4fedd1fd9eeb5c14630c524731843e1e48f61f9ec160b2908732ee1

  • SSDEEP

    1536:NGbpUVLisHj4QvCgKmumOQrPMpVnWc8iEAHjIW9kjT8CksZiIRoAvlxFjQcu4XF5:NFDtKmOQDAT8Jy84yALsr2OvZpuWysWm

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c66dfe64a2abb956f4ff6996afc4f54_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1672

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          54f72cf8a33659ae5d2f2a1ef899c896

          SHA1

          1c7df244719bd76c068e4dd2ccdf586a01c38ded

          SHA256

          e3e90fb11135acd04b8ff2129cea78cf05fcfec71879205a9c807e4222de6815

          SHA512

          063f894d116e115313a1f638ffd44bb057dc33009a387b6ac756d660898fdb730dda026a8e629d22e2d1fa296deae8484906d1dcafe46d9796ff8d918cafda5d