Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 01:42

General

  • Target

    a368978911a1858fcc0ddf4c7895146c_JaffaCakes118.pdf

  • Size

    184KB

  • MD5

    a368978911a1858fcc0ddf4c7895146c

  • SHA1

    3f8a64be0dcc58688aacb4764f2d931d9fa0db7b

  • SHA256

    d0ade358f9197ae933e33ed17dd453e414569d9f138bb425ade15b47490b735b

  • SHA512

    5be48c3e55c99f0edaade1b59f95de72de307e13e103319b447552ae6f3837525813e435721069cdfcb6e32a83e45e615ef9ffd9488aa4c3973216e9f46d846e

  • SSDEEP

    3072:t2irbxzGAFYDMxud7fKg3dXVmbOn5uA6Kjnz/hNFy6pipTEZVZSp:t2MKlWQ7Sg3d4bOpdCrV3

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a368978911a1858fcc0ddf4c7895146c_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2116

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    fffcb2976d647089b2e51903f2b28971

    SHA1

    4b8575c4bf5fd2a0b49e9ff9df620e8a11a3c70e

    SHA256

    cbd823f9cd7025a9f84aa5166aecbf58b3ad132d194dcc35f504c0a63dd35488

    SHA512

    b33107234670c58428c4a5d769dc07719adc8214c994bbf443ccafb2dcb1aaa8cebb2fb3cb04065cdf608896c6e971b9ca4b542ab8442ab3636cf245ce15e9e6