Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-06-2024 20:51

General

  • Target

    9f7a51ebb39e8a151014da9196025bd5_JaffaCakes118.pdf

  • Size

    50KB

  • MD5

    9f7a51ebb39e8a151014da9196025bd5

  • SHA1

    1bbbf22b026cee02992768abb2420b1beb38a417

  • SHA256

    4e2d90ebed1eba5a13797f10166db2ffcdc92a79b882f0eeeb3dbc6918decbdb

  • SHA512

    904d47a4140b52003a2f15270a7e1a33a7a4a705a911307db41103081641d8b47246d15b863a0488e4f46d6ac3084c0a5c57aacfc00356e67eb5b9f8ea7faa81

  • SSDEEP

    768:VgGzpDxpBUaun77JTDqelFbU4dYFqFB21Jjim9P+W2h+CgmIX/xDedOwyGtF7LLo:GGFFpSKJmm9mWR1XNedOw1Hj1WCxIwWD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f7a51ebb39e8a151014da9196025bd5_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1636

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4678a6d03ef80a44c431d02662a7a68c

    SHA1

    b9b9bbab4c53b28f7d6ecfdd9504d01886d62e0d

    SHA256

    7bf049ed8c4840cc85c4e257d90c172a34c2ac9040993380102d3efd9006d74c

    SHA512

    338e3a192a08a5e2a439c77ba98a16749dff6bbae7c5eb2eaf83d2ddddbf0b4f93ddae65156622b74ce06497fc44046ded3969ff4502e8607ece61fa365387d5