Analysis

  • max time kernel
    122s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-06-2024 08:12

General

  • Target

    a8ad6e088a82d57fe89b9a9f8293c59a_JaffaCakes118.pdf

  • Size

    43KB

  • MD5

    a8ad6e088a82d57fe89b9a9f8293c59a

  • SHA1

    b3230ff3e9f4bd76e7cd66396fc1ccce2df2298e

  • SHA256

    4e45244ce7fa54634539598cd3de49a6e4a9fc0eb0e4489933d5e7756b07b275

  • SHA512

    0d9dc917bad36479496f6c7cbedc68d793ec584a8154e6017fcb5e1afeada14f7773431fe647d1d8eeb5c754b2114fc1812b3e28736aae31ca3022f942c83882

  • SSDEEP

    768:gXuMZmwgCLWarlE5HpuIypkxfKWaLhv/Sm29z2lKLy20McD1uPvT+Zd2SWAZvNAn:gXFZmGWSW8IypkxfKWaLhSB96oLfcD1s

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8ad6e088a82d57fe89b9a9f8293c59a_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2956

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c36d1bdd406eb40f4070ba1fd0bd1f4d

    SHA1

    80178a365049d243141c84d5483e223e83e2d66c

    SHA256

    ae779831411aeb7ad31e66916b45d6aaebb10c756355c892acce9b8fc187d505

    SHA512

    647bcab7ef1519e0605dca5488e3e764ed5deb29de0f3739e19bbf812ff2ff1b6fc351238eea07e66f1ef1ab91bbd5ff70cadd92d8466774f67674674af2b581