Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 02:51

General

  • Target

    a397fb0913fabf2a871506d9d14d835b_JaffaCakes118.pdf

  • Size

    67KB

  • MD5

    a397fb0913fabf2a871506d9d14d835b

  • SHA1

    e16414307cf69a5e94b0b0229e0889ced8967e65

  • SHA256

    64fc568bffe03a9777d5e4f60186e78eb3a19f285e280c513e3ec98b22d0e183

  • SHA512

    9fa8addd773326875d58dff2d4774774ebd331e37e26065e9466dfb3270f8f70e8cb458efe2ddec00b6b6957f043da75e3e814e8bea32ef8e4735b9dfaf7c2a3

  • SSDEEP

    1536:/GFFwsE8ydxQM5O4GN777+snjUi+wSRy6Em+:uFFwsE8ubs7+U+wSRy6S

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a397fb0913fabf2a871506d9d14d835b_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1252

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    27e9eec58957bfb48176bb8d2fd06959

    SHA1

    85e83636c5d2af659f4e8da1d794a410b0b53ddd

    SHA256

    9a5e006d4e7c050814c044472955cd07725271ae38e247f05a2cd56d330b01ba

    SHA512

    d3933faaf426e27fe6369a687d7be9264b562e7325b4ea7c1becbbfc683cc4a54cb9ac482ece626ddd858d6f313a688dbd4cb3f5ba9784635f75f878fb74623e