Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 01:27

General

  • Target

    a35b833dafbf7fee6c57f4b5124ffb44_JaffaCakes118.pdf

  • Size

    187KB

  • MD5

    a35b833dafbf7fee6c57f4b5124ffb44

  • SHA1

    54e59b623c1370a011bc8f2aa8f76553fe7e4e97

  • SHA256

    a2deaa30b6aecf72f4f27d52d9ffbda0f2475e22af5fc890ddc4977f77e1db54

  • SHA512

    12faab1bd676961d5fa1d7537a77c8da54232fa3c1042f5f5b6556690515590a89ac5c0b80a1152d13db67a5c1aa86797b0b6af7b204d96d980aa17c1c9cbcf0

  • SSDEEP

    3072:c2irbxzGAFYDMxud7fKg3dXVmbOn5uQ6KjnCTC3/T04opocWKyWSt:c2MKlWQ7Sg3d4bOpCTE04Iy

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a35b833dafbf7fee6c57f4b5124ffb44_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1876

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6eaa331d56155a8fc88df8a56cadef29

    SHA1

    3c0b9527b5e04f5de6250c25ea88416f4e28920b

    SHA256

    42f3d60f87a4ccc11cc65885f868e89d39f91900950632ae6a19376ff42ccc5e

    SHA512

    c5a33a1a19d7f9b67c84c8649a1ced170a4c0d28555b74b53862e1b39abd763e3ae4ec34c11f0317ca586ca83a4ad10e87f663d7d27b26240695ee0704a32061