Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-06-2024 18:19

General

  • Target

    9f1e0b28122e11cccb1ae9bcb5f8c395_JaffaCakes118.pdf

  • Size

    44KB

  • MD5

    9f1e0b28122e11cccb1ae9bcb5f8c395

  • SHA1

    1c9b4d283c9b37825e6897e516a4c81fed1fec21

  • SHA256

    3a9afc0ea5678b3d02234faeb8061e4184777b8289ecb5cc12ffe49be27fbcbe

  • SHA512

    8947b22b308e8ce54c013993c5ae7b149f79518a15d44fa50f438700230c248328b29f85fc2aa67c3bfa2144bce0348e57739130db2727087046399e08f7c50b

  • SSDEEP

    768:wV94ktWRuan5xkngciEZQH6It9yj+jDNyW/69bZ0Z+CCXhO1kU8NPUvyHfB5E5/N:w/QMan5xkngciEZQH6It9yj+jDMW/69O

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f1e0b28122e11cccb1ae9bcb5f8c395_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2548

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    cb6022f2c62342d624cc2a10ed6c5b0c

    SHA1

    91e6288741c9a5bfe570265bb066fefff3b669d5

    SHA256

    216f6c4ffb81c305a59119e2e8d1027934cb2767fd4c469780f087a53a3e52cd

    SHA512

    22196f7663baf3ef8a10a5f202e50a1101b7c76c49db3dd6e46578699066ff9147cd0729a2272e1f151141029349203baea6a91b43d11be57e6d6eb2e295189c