Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-06-2024 07:46

General

  • Target

    a896c40a16996de22af062a435906fd0_JaffaCakes118.pdf

  • Size

    23KB

  • MD5

    a896c40a16996de22af062a435906fd0

  • SHA1

    b44d7cc39f4f2816fca8be7263b3aa1e06fab16f

  • SHA256

    23ab9e2a3041d70b6cdd85fc42af1f1c8b5d54ee8da20ebc4965f2aff6b707ce

  • SHA512

    7b54b957dd763e22e9d9c60fec36a26b00460db7320533957cfd291719199930781c7f480bcfe1a84004c1aca7ba8e62692e8728253bc82396e88a2e363bf27b

  • SSDEEP

    384:Vzdq5soPa9bVSMz1bM4+IGJzkT3ibO4s8XdiBlSdgGBiURinQqBM7qRvqIz69iGg:Vz427z1bMaizkTCO4s8XdiBlSdgG/c3N

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a896c40a16996de22af062a435906fd0_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:328

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    ef663e6450d54b249af3461aba72f8d9

    SHA1

    94f1a0bf4c6e24b955e07bff786bb800e9058cd8

    SHA256

    036206591d83ac2205509069271d48b9fcb49ac962b1aba5fda916abb83d80c3

    SHA512

    5ff4d3e0a1d1a628a2b6556629731f9301989e853c5f2828271bd3ba698ae9164af5314b7829bd764bab65a4b70c3e829f026e4b7b6391d90496438fa4143d71