Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 09:14

General

  • Target

    a4cc7f9da52b995d9049dc2e36025448_JaffaCakes118.pdf

  • Size

    44KB

  • MD5

    a4cc7f9da52b995d9049dc2e36025448

  • SHA1

    49d2e2883ea0bb3178f7aecf57eb5f53a1bf8c54

  • SHA256

    9b7ff7d3779b8af73c61b82ba5eae9fa6df45268610bd0a347f85451d24bf38a

  • SHA512

    e9551f1cefa9b9109790940ffdb80d15d86c72b19170e2df49dfed12d6026ea08290b3de51c7b08efcd18ee6e5043df66c1ba096802904630aadfc10e4ff7271

  • SSDEEP

    768:6gGzpDyBVksi8d4x/Kx3/RQ7sTl4lhEeKtbBKLEfeguUtv3lnGbgdJ:nGFmll47XUeg5t9nGbgdJ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4cc7f9da52b995d9049dc2e36025448_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2932

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    be31a7f033bceeeee38eb1313be7f39a

    SHA1

    e29699075ae6e12bcd26e67543dcc8a1a587f168

    SHA256

    1442a0b8b0d4f48e4b26f7cdd436afc6a9732528df757cf256fdd4c6633d4fea

    SHA512

    3851889396648a5ab1bc9ca92202e2223f1864aed518530cba4bfd1d0d4403d569073fd1ea52a97533eacfd2c1b3c5981faf6bd8b5556870507f597a32bbf43b