Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-06-2024 18:05

General

  • Target

    9f1428a620d28b1cbf63ec709d4092f7_JaffaCakes118.pdf

  • Size

    48KB

  • MD5

    9f1428a620d28b1cbf63ec709d4092f7

  • SHA1

    d802729119ad1b55f7fda86bf7e86dafd5d72a07

  • SHA256

    66dc853f941676fb0a44d72f219186bcc162db5c3867aa81b9c04e65192e8cf0

  • SHA512

    802ad471b9f6050aad2f76295e48dc6ac9f7e98ac50afd81de7b413cde1fd9693709ebd473406d53f6c13712352733b07667fef62040b97d43aaa345f6e69a1a

  • SSDEEP

    768:7gGzpDMpgs0VeE/3pDdLHXZ8KMxkP5qsEswhSpzFjukc4dhh9EgG5P8WY7ZQPqnd:EGFIpgkUcs6cBBcg765P8WouPqnujC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f1428a620d28b1cbf63ec709d4092f7_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2392

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    221feb75c6dba0255730d036c475907f

    SHA1

    951d32c017cab7af0a983b7019fa1b3d829d40b3

    SHA256

    e39c9c6b733cabf5c7fbb525f60ffabda24309ae5e7efdc4bd9685c78e9f9b19

    SHA512

    5aadb5c8d7675cddd59f0fbb495da513e1ba3876c1fa2330bab2b5d6c1c620570bcb3ba0d1ff60c0b65b8c0755e8bf1c4bf76c880106ec73a4201b086ee59b5c