Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-06-2024 19:04

General

  • Target

    9f3c3ce9bf3a3fc686f519ad658254db_JaffaCakes118.pdf

  • Size

    48KB

  • MD5

    9f3c3ce9bf3a3fc686f519ad658254db

  • SHA1

    5839175a44cde8b34e4c427a41854c878efaad9f

  • SHA256

    c3d82f8477fe1b598cee6d043343d13907639a4b4de1e1b1909e6b7dcf9653c2

  • SHA512

    b3cfac01e7155ac6f78acc467196f59d8bfab5af5f30586e39ece3cee50b410f84751605f00f7201ecfb6846ca7d01cd1d55ae8b09a9406b123caa953de19b47

  • SSDEEP

    768:FgGzpDyBVksi8ALfLyZ0Wap/dnixRhhyQEe5WEXBnxdotqPUQyurlJGhHh3h08MA:WGFmr+Az5TLotqMwTGhB3OvzPcZxX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f3c3ce9bf3a3fc686f519ad658254db_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2224

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4365c3b71681911f6214409625fbc0f9

    SHA1

    5d8229afcfdd6bd63a6b1951084afa580fb8e207

    SHA256

    cd18f388532105fa30abc1bb92e4676057dbbff6d0cf601bc4c5bc007c6f931f

    SHA512

    ada1613e33be5d868b0684264ffdae99cecd35cb44cf84d9bb4908a820547a94ba871b437a2d812c3d524e02bd29354d9b4e2aac8befd9931253ee43ab53ce75