Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 01:23

General

  • Target

    a358f6f449cd6b946b5a64dbe238768d_JaffaCakes118.pdf

  • Size

    49KB

  • MD5

    a358f6f449cd6b946b5a64dbe238768d

  • SHA1

    81f30b747879bc7641319c79d08a7856cbc6e9a5

  • SHA256

    861841ee4d453cc2a5ec1fb3595cdaa3e67922340987029dce496fd1dc612475

  • SHA512

    e95638aec633d7a04310c0f4d71f2d2f9a67b329cb6f445fe82db4064d66bc5d1f706d6ba973c30f6937b0faf6ddf4314d7cc6d412c9afd75c706dec9764a434

  • SSDEEP

    1536:KGFmPrMQZ/i0VgEaIRlnZwmwNSwjsrQx9ZaD7:zFmTD/gEaUpZw2usr+Z8

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a358f6f449cd6b946b5a64dbe238768d_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2072

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    72f33ab892c7c9ba27ff9320f65b7e45

    SHA1

    fbdc1a48ad1a6af29a300de6a7dc7a60307fd607

    SHA256

    bd368a71db489fc9e78b1c3b20e72e965485ed9868e64ced20b267c6d4e08fc8

    SHA512

    aedb58d878c3b52bbf0455616aa0ddc2a969d0db629e9deee3d2c5b7506efb99d1c3dce60d634313aa269e55b584f106c63fb7ed5b77eb6218d698b10ac1110d