Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    11-06-2024 18:12

General

  • Target

    9f198bb0e0231fbcd9b31eed694fbab1_JaffaCakes118.pdf

  • Size

    37KB

  • MD5

    9f198bb0e0231fbcd9b31eed694fbab1

  • SHA1

    d48dc5741173f5d00bf9c278075ac816eca6b13c

  • SHA256

    0999091d17bd3d83729ce40ce48440609969dff78f26ec7c0c32e7227176d2fa

  • SHA512

    bd3978091d7e82e4357d5684a6f109f0965c07d9aa2a065ea72871038c2e2642ddefa0f8a5d4e5261467b8d598867d3cf04a0b251b8d82bd516b1c181dd804a0

  • SSDEEP

    768:AgGzpDdplYLiyWK0R/NY+IhW5lryzQ2M4Ewr+MIhE9WqKJf3Oi:NGFJpbylhW5lryzdNhrLoEcnf+i

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f198bb0e0231fbcd9b31eed694fbab1_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2228

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    38de369283698754e7abde9fc102fc8d

    SHA1

    405bc24e704cb69182170679800d98e8bfd8e3fe

    SHA256

    534451f629bdb04118866ccb93236788394fd607bed52b264fc27dd0b97ce788

    SHA512

    439f1056ab442367b2e9b3e2384bb8c7983a0c4111530111d3459f99266a1f5c1c03fd1d1c771d2af7369ab6a155d2ce43898423dae4cc345c91dc4ccf5fcfff