Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 11:53

General

  • Target

    a566b9ee315308d0acad40451a63eebb_JaffaCakes118.pdf

  • Size

    185KB

  • MD5

    a566b9ee315308d0acad40451a63eebb

  • SHA1

    7790e239bd5fe2262aee1a80587fe6a96dad21b9

  • SHA256

    a5d54315980fc2628d51b41928746e03c0624a683da339ac8240cab4efa6bc8a

  • SHA512

    4de511b1dbf391813d0a40038e77fd1675f1678bd02c70dce07845c08c12cf1b4b869108f602788f21a3e4918c4c13b36dd62be4ad560fb6c7c3440b610677e9

  • SSDEEP

    3072:Y2irbxzGAFYDMxud7fKg3dXVmbOn5uW6KjnHoazAVeWAgG/LoCJnNoSS:Y2MKlWQ7Sg3d4bOHI8AhDGU4o

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a566b9ee315308d0acad40451a63eebb_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1320

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    009d086b25d71bd7053a1028459de182

    SHA1

    d43ea8532704b6e687d720af9e224391109168b2

    SHA256

    9fdf4e023056fcfad08cfb0918299523588e18fbfc196b95439e4bbd51b08bb4

    SHA512

    482542c167ec5e9b57adefe4e649f7e3c45decaba07c8539364dc4d1e7fcd4cc54296f3d6bafc5f2ad4d820e77d62559878ac52a953787d5e9bd93f6f3c1814e