Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 01:59

General

  • Target

    a37751826bb80f1c394bba8eec8c1b13_JaffaCakes118.pdf

  • Size

    37KB

  • MD5

    a37751826bb80f1c394bba8eec8c1b13

  • SHA1

    13c12e1c4ac9b72bbb9661a99afd90ebfa1f4f6f

  • SHA256

    72aa6be8d741bd77b015be1f26ca73273ece2e11c83891d58ede4d8bf46d994d

  • SHA512

    dd2603ad7a48c757b5d6aeab022e4722532c89527412013d8ea8a5a933044ab176f54e595d24dc600053ab6b2e893a366139c295a5bffb4ab04c441ac15ee156

  • SSDEEP

    768:CtKjDk/jlflJI5hz9iBRHSX0PGHkkyI3+1y9tKF7BSUuNcvapsi4U9CRnE5dXuM9:Csk/jlflJI5hz9iBRHSX0PGHkkyI3+1u

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a37751826bb80f1c394bba8eec8c1b13_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1776

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b1ac0d7cc77669ca5132a6c8940e7f20

    SHA1

    ae2da10c64cf1b38655ff9445e2769260f23530b

    SHA256

    00ca47cd1a5d28c1fd6a5c83cdbac90137ff5608f4e0c475c920e0b40fcc515b

    SHA512

    2802713a89bb146ae3519199c545c57f9db2c59b6a6164337fe214dd2a3000b415f4c4c06330d18b98c53c8e0e56aa9397c8c098ba8d9c86e68fa612dc80ee2e