Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 09:17

General

  • Target

    a4cfa4128636b5b8174aacb0f4b7b00c_JaffaCakes118.pdf

  • Size

    52KB

  • MD5

    a4cfa4128636b5b8174aacb0f4b7b00c

  • SHA1

    b92ac6914ba2fe74b777c1cf221488eec2e963a3

  • SHA256

    5038f08b3669933fe1c08a7ff4c0f5cf1789d08924f03b0f224a947a1c8779c7

  • SHA512

    04c20730478155722b8fc6f12b8a3e385518bc6abce011457f64bebdb3ed543913cefa2bfce5e23d14e81fdd26ec6f32ba138e2583b5d5fa90e7c512de99fb6a

  • SSDEEP

    1536:mGFmLXEReFvjFekmrwpoX/p+zXOHR9Wy2vO/X:/FmLEKQB/p+jkR0c

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4cfa4128636b5b8174aacb0f4b7b00c_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1244

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    a653971082482ce080528fc22c40b1c6

    SHA1

    f4fe00c3c77434535e34a781ca935a81b4aff996

    SHA256

    e60be507edc84c422c895ad2b8860b4fd64616d73b2175adcdf3d03f7512d7e5

    SHA512

    db52a17caac027c89ae0857c1722def058d93348e60a5504c1e7fb6d749aae813e68b3106e8ba24bd64b9fb8f0b69f201d7fa6c67ff977a39f85a47b36b016fc