Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 11:59

General

  • Target

    91b55b7b9b3d4d234a201bab49f972be_JaffaCakes118.pdf

  • Size

    63KB

  • MD5

    91b55b7b9b3d4d234a201bab49f972be

  • SHA1

    56315db1bbb1f30a7df619884a479e8f4a16da88

  • SHA256

    f5d8d75c978a14a3d7ed6b735feadd04fb282eb7d84feb84380273ca2943f63d

  • SHA512

    f0d231ec9f103b82457538c08b4877dcf039c4b29f38380878462a8070e570bbdc11ed040eb4a18c4d4b6f25b652cd3536eea307b1f10e578e2e4d452adfe242

  • SSDEEP

    1536:vGFIMyF486w0uMoskHxCqtLLoq9L0Nj5L:eFI5y861VrWCqtLU4L0Nx

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91b55b7b9b3d4d234a201bab49f972be_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1708

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    adcaabe2a6de8602f735f63c45d857d8

    SHA1

    99feb33283285a015133a9dde919c9f10a34026e

    SHA256

    81658967a9e7efad7bf3f775bf579bb1caa44eb89b378302b9fd0c2f72b64f01

    SHA512

    c5db79282adf477f67f8334a4880870f14ef1ca7e2ab9f9565b80f75d14539d147c62964ffa25381fca7de7cfc3ba25c1793ddbbcbbf755ce73a7a070ee5a23f