Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 03:43

General

  • Target

    a3b681d1a5032ed88094cf2f7952b878_JaffaCakes118.pdf

  • Size

    31KB

  • MD5

    a3b681d1a5032ed88094cf2f7952b878

  • SHA1

    ab62dfe4d4becf85a8e7e8e27f4c540fab2708ca

  • SHA256

    08078280349c0a883e269f8ed85853b6c4f61ae43d97d9ab5cb9aa641bf86f62

  • SHA512

    1e1ed73395874eee4e0c07ffe825f3c1d491da37a95aa5f8cc8c7ed4de6814a65ca75e1332af304283860724842e2e5a0555ef3a2e7b54237e90a13bf9ac6a65

  • SSDEEP

    768:bNXuMZmwgCLWarxRFEytTyn65RWNfzwGDgIy9Vn/YbApIfM:bNXFZmGWSx3EytTZbWJzwGDgIy9VnkVk

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a3b681d1a5032ed88094cf2f7952b878_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2188

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1dfc0e90458ef1905d810db0d17a043b

    SHA1

    f64b73363eb3fbc9c81916fb48f9d510976c525e

    SHA256

    11e9ca8fbb44f9df300dce446d0a1bef79e4ae9fd6e3dd0a21e5b1b02d500d45

    SHA512

    e865e56a9f08008278a71e329e7eb65ae14f171640629ea7442196f9fbcc2cf80fcb1c83cd7e6329d241389900f71f6a8cc67e4e97f1cc48951f4a9a4f614f30