Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 01:19

General

  • Target

    a355641487cb196c6d30e9768d17e66d_JaffaCakes118.pdf

  • Size

    34KB

  • MD5

    a355641487cb196c6d30e9768d17e66d

  • SHA1

    8c68d01283f5384ec5406a577a873dfa01779ad6

  • SHA256

    337cf976ce0eebe52af7a63cc0a95b51185a32c98e19e969a133e82e7a3188dd

  • SHA512

    6865ff1d1b5cbdc199bb305c55a8e24735bf716c542d73ab47a8aefc57a87b81ca9b4ce444a7a064f86d4cdcb3b64aecb1f95cc38a9f58841ada85321a81aa5f

  • SSDEEP

    768:5gGzpD5VjiEZWHQ3BLYfeJwTpETXI1+lWEmFhlvlzyo2ZO0JBinot8MYarutt8cU:6GFtY7hUlWEmVvlBsO0Xiot8MjuUcS9

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a355641487cb196c6d30e9768d17e66d_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2084

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    274175d25151d4c36edb432e23c3efa3

    SHA1

    ad134700c4910bc5b87d590363b279c8a15c9937

    SHA256

    52dc3ec41e1f449db921764472d2e53cb95dafca73cbfaa230d8811734c99ee4

    SHA512

    511ad1e2537ddf49ae5f99b5037218b910343f576594eb9602af56772b4ffe45a7a8fcd86bc881d9a4bc35f40dec8775e5c10048a7fb9ef1c21b44f28c20a1a6