Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    13-06-2024 09:13

General

  • Target

    a4cbf126e9aa5fa66c5d6af53c7fe350_JaffaCakes118.pdf

  • Size

    38KB

  • MD5

    a4cbf126e9aa5fa66c5d6af53c7fe350

  • SHA1

    beda31478c21d0c5a18229d2f870d1ae51b3a62d

  • SHA256

    efe2c9125283b00d1a5e6916cad97aeb468bf9aa6adf00468ee3483f3fef99bf

  • SHA512

    28c6d2a63195421f4f34ff075883f97fe651e5e262b7fd00f4e8198a2a531bb6e9dceb2a81e069ae37d9417d56cab2679c7649b00d9ae2e9c86fc60f860a3169

  • SSDEEP

    768:CsyiGB4NN2oGuuTfBe4m4eGEwq738vEyyOnpyNIebQp+JzgKQbaOsKBYfpWnh5SD:Csf+8FuFepxX738vEyyOnpyNIuQp+JzN

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4cbf126e9aa5fa66c5d6af53c7fe350_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2452

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    15fedd09ae557a46c08253bbad5da812

    SHA1

    a3e61f4206b3efb99040eac0c01603a132d396d0

    SHA256

    677d1e44d35dbf8a747ea4883872a23bf7ae95fcf10967581fb3aaadb7bf7ccd

    SHA512

    d910f883b18b9570c8e8578574ae75d4e579b51b6bc6cd4f6e4dace2000a03ff4024288472341174c9e481a514f8c169892500118dc0aef53d05d93374b7ee38