Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-06-2024 07:51

General

  • Target

    a89ae95fdf637bad02c2c17587d158ad_JaffaCakes118.pdf

  • Size

    118KB

  • MD5

    a89ae95fdf637bad02c2c17587d158ad

  • SHA1

    8a30709bc772a2e3a540ecdff50bbce489b50ae0

  • SHA256

    fb581b150e6a79b0ac3a4959fee9b3dbb86ae3ab4993aface1a83a37ca8454fc

  • SHA512

    973d9e063df7d65bf48df54feb8671508c313d01eb88ecc54bc716c2ff29476f3d2fa3c5e30cc4636751086563d0407993617c31b590f8a59ccf0a004f57836f

  • SSDEEP

    1536:RX2mgw8Vw5gwXw8PRww3XwwKM8WkIfH4ovQCLusksVWGOjeZhnEaXRSVK4LNdC+x:RX2mgj3cLPRw2wwtPusl2+E+SVKgMut

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a89ae95fdf637bad02c2c17587d158ad_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1860

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    69023aedfd7da59de304983f110fa726

    SHA1

    869f0f293bd970f8cc08cb7b8ba98afffc63679a

    SHA256

    b8cddb8224f8a56b95b4460afb247b3ea8d111c2d19839aea6a58cf85e2ae2d7

    SHA512

    cc0d0e7129ff17519d6a5519f1acd81ee89aa667dda144c7d75b5adb216069b9bf09816d80e60c13c08855b4885d9c6d77194c820374e608fdfd14e2ebcbcdd9