Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-06-2024 17:43

General

  • Target

    9f05e42f8528fd0cdc8c8130ddc4405f_JaffaCakes118.pdf

  • Size

    184KB

  • MD5

    9f05e42f8528fd0cdc8c8130ddc4405f

  • SHA1

    11adbb0f820a295a777df9e7ba338853e9624fce

  • SHA256

    8dcec80ad09765cfdbf5d83fe9e62afc7b917c27f4d5aebe7ecf27749afae62b

  • SHA512

    03ce353e1e22643d7f97031c78aaac0e9c358b2a41a53cc474dc17eb485b2c8a5d79f42970ee668b0dc750c37b18a9541789c223429ceecb6e2b6c7ae2ab0489

  • SSDEEP

    3072:sg2irbxzGAFYDMxud7fKg3dXVmbOn5u46KjnHTGCTbnvmfM4T68SM:t2MKlWQ7Sg3d4bOZzGcqMU

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f05e42f8528fd0cdc8c8130ddc4405f_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2244

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    21d7e4b03fdafdbf068496916fb87c36

    SHA1

    4ae0dc85c0a6de0a69ef548f0ed6d9121b2c7b88

    SHA256

    6e63b7f642fa3538b5f24530d87a72dfbcbd409df7113d79983491867dd5d1c7

    SHA512

    5713b9a73210e8c36be6de700ca3a964577eac871fc986ff2e294954366968a855d8912d55f93d074801f7e7ac3474c60f1265e6c3808b26b8cb817b7aae17b1