Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 09:25

General

  • Target

    a4d6a2491d90a87470a3d59bd1742e18_JaffaCakes118.pdf

  • Size

    36KB

  • MD5

    a4d6a2491d90a87470a3d59bd1742e18

  • SHA1

    b5186477f188ff2f4bd5c131ded5db9b2c5cb067

  • SHA256

    2455e2b352cc7b8840a8fbb5e769c34826cc1d5400218b264f65d8cdd79bf45a

  • SHA512

    4dca6337951ead8b0525a01c8f63a86f63775877cab73e45671fe78bf25726b1db700408f651a74e26829ca1d0499b858bf16130b67bcad9001d73fee9cc25f7

  • SSDEEP

    768:IgGzpDSpcLZSTO3pd9w/F0ibsOeoeGBR0RWJufP8zROeBz2dU9/RQi:FGFmpBds4tsRWJuXGzBydUgi

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4d6a2491d90a87470a3d59bd1742e18_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:956

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    3addb0f464858a58ddc1869da42fe83b

    SHA1

    de30e842b230b3a8faac7c3c15902a9469ab3f5c

    SHA256

    1913f334d698a488befc30c5cfaaa872298f80284f648f4301346e252b5a9127

    SHA512

    d194084e6c4b0df9000dc5d60dc0839dec6cd39d93c41a5d01e25ba9c813badad043e80ec6a8e13ee3830ae78ff1d15c774612cd8cbc5958428cfee5fcf8bdf4