Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    02/06/2024, 01:05

General

  • Target

    8c67bd5da47db121aa63450f4b8307c4_JaffaCakes118.pdf

  • Size

    82KB

  • MD5

    8c67bd5da47db121aa63450f4b8307c4

  • SHA1

    c63e49914023e5278d0844d400b1ff7c7139ba7f

  • SHA256

    3066cd31f5a34b129e2d134b371e5d40e220d0e8656e98edc56b050d743f12c5

  • SHA512

    2ef82bcc15006419b05bbcd24769f2b8a93f21d5fd7718f86cc841b61ac3796110a0a28b8e3aa3ed73ca61803d5905372572d676a52243fdeee4d09f3a896638

  • SSDEEP

    1536:SGFWp+U4X5NZP5aQ7eMZ32+8H2oIhTFtJaJIEet7k8QuQaX4:LFWp+U4XHZP5aP0hTTJiI/7pQuQh

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c67bd5da47db121aa63450f4b8307c4_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1276

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          e223880917c209c2f1e726021e23cbfc

          SHA1

          e8be8fda9cde88694105ecbe7a7718be9d25b68f

          SHA256

          61ee1f018676daf207bc45cc249863b080d9d050a9c816c14a993f43ece48dec

          SHA512

          ff84537d321f0cf737e5eaf6650400c063c79e76f0f370456d911e0ff1d28a2f713c8e261a995cb901731b06f87b65e8afb1a050e528c5f26eb2a871b7c0d617