Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 09:19

General

  • Target

    a4d1cefb1287310a0ea5775348777c15_JaffaCakes118.pdf

  • Size

    50KB

  • MD5

    a4d1cefb1287310a0ea5775348777c15

  • SHA1

    4aceb142a80689218590cb56be737fca6bbe4a17

  • SHA256

    490036d4dc9b5534de1bb95a379a991d7a81d06b1f61a2e5ba927b529b0dac51

  • SHA512

    59978cac7741fe785b93f1e96515d4446e1a6ac4847a3a093018c9b18bab624f39f0c9014f3af88ad957d64e03a3a56395325720f12c5ae0fe95615f32132531

  • SSDEEP

    1536:pGFGprxb8t7tsBm+/+p8EELtbMDC1Ldbg4/:8FGpJ8rzl8E0eod3

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4d1cefb1287310a0ea5775348777c15_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2056

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    4f9a7849c1f02115e2fea79810a5261b

    SHA1

    15c7e9bfd8708c5cc829ce685695d7c0d7816e38

    SHA256

    4d8daf143f433fc6d97a173a5444da8ac1fbc49a1291ad01c25eeae301c4d4d9

    SHA512

    2ea81e749ec788f5e780976b251e498bcdb0e4bbff74f489add0f152128af321dcb59353ba7ed08f7048b728fe91f5781518fee358feb2aecd5c9f484541559c