Analysis

  • max time kernel
    122s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    11-06-2024 18:40

General

  • Target

    9f2cffe6fe6f439e7d3c56a23d2033cb_JaffaCakes118.pdf

  • Size

    34KB

  • MD5

    9f2cffe6fe6f439e7d3c56a23d2033cb

  • SHA1

    5ade909faf2023f579d78c14eab1d71801cf23d3

  • SHA256

    4109f59b9a74589861f32df2e0c5acda3ee4f64831bec44175707b277f432bff

  • SHA512

    4ae7e4042d79a9748fd07f18a97433898e2d96568e54654d5e60a8adefe0bc3c0572f992ca053a0c5b1cb2025f77b6a1dfc9b5e9c477a17117dd04a7c4e86060

  • SSDEEP

    768:SXuMZmwgCLWarrhXJnPAVYWlkEfkinC1Jzk2aUV5EEb:SXFZmGWSZJRWlkwkinC11n5EEb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f2cffe6fe6f439e7d3c56a23d2033cb_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1948

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    aa38355b9e3ea9557e57d25cc7c0b3e1

    SHA1

    61d2c9218e59331d6a95ed59b3b8c08e15f10433

    SHA256

    9c0e8ec34896e2587d5b87e0b216cc0c956bbb1ce220e321718321848b9fcdef

    SHA512

    a8df686fd7481fd625940f82f15401ebc8b6a37b8400ae39ac1853bab2588c9e97459cf7b867edcadd2dc227a4ae1dff1adb9decaca71e584cba8b74b99b5f32