Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    11-06-2024 18:54

General

  • Target

    9f369e64c5013474e2ab637d13b6f64c_JaffaCakes118.pdf

  • Size

    20KB

  • MD5

    9f369e64c5013474e2ab637d13b6f64c

  • SHA1

    58fb6dd77cc514f45e825ba0b42da8d469221be8

  • SHA256

    860a88c8285e1c0d80d7dc482604b81bcaaba871b45d3896144a307c483ea334

  • SHA512

    f9bb9185cfa201847baca2f62a2e0db9a25ae75b94edabf452a68815a42fd79b01bb5980f7d77ea38fda55fd16c51fe9c41536e08d5741b991025f77984644ec

  • SSDEEP

    384:VzBdmFHxjz1blIYpp4cxppvcr00DZ0nWAt5lxca46g2UASglXlkcKdD2gAfIXmE1:VzBAdxjz1bqY3336b6WK5lPG2fTl1BKd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f369e64c5013474e2ab637d13b6f64c_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2124

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b709b32c11f5b6096a6d5219da538693

    SHA1

    d3f13de5925abcdc2f7f0742060e16718d1ec9a6

    SHA256

    10fe7824bce77b4d15ec0956aef8835100f840b7023137f5b21cab2d859c9c33

    SHA512

    011648be90773f9e47516eede4b1f4ab046231c2d9ae561288f5cf3f90124058e9499210f6b6c4f9e9da076763b5b5143efd48d3299982a8c1926b485ecbccde