Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 09:36

General

  • Target

    a4e159ed34d7c243c62d87f9b523fa66_JaffaCakes118.pdf

  • Size

    128KB

  • MD5

    a4e159ed34d7c243c62d87f9b523fa66

  • SHA1

    ee0f4c5cd812c48e296c0fd262aa3e821ca341cc

  • SHA256

    ef4ee6313b5cbc7cef0d303d89ec1263a27603383fad7719b9e7d27d671b26c9

  • SHA512

    d5383aedacc079d218181fd8402b99195e7e86bbf5f8d681c0445c6e3995f3fd91eecbb7fa3d99b66b9a9d9963b333b1814eba1a3b9a3f55f07ebe39795d3203

  • SSDEEP

    3072:UysEpuvbX7Sn9ZV8Kfxwu3eEZhLEh9eHHcnYNsLyp:duvXw9X8KjeEzEhUHEL2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4e159ed34d7c243c62d87f9b523fa66_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2576

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    1bb9ab6af07948949eeec130e27d9eab

    SHA1

    029f94691d7c464b6ab727f96919d676ff44d6ed

    SHA256

    311487619418c1196398bc195c07ec3fa8093cc2c6c2a190d82a712ac2d18e06

    SHA512

    d664876bc12ca13796f4b0700c78ae64ddca33538007e3df55a05217ec01be6e56a4477a970c9d9306e837b3d274c5a6e8f805c92625060a0ae3d2c605fc30dc