Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    14-06-2024 08:02

General

  • Target

    a8a4d47eb6f58f8cc63a3d82344b3323_JaffaCakes118.pdf

  • Size

    39KB

  • MD5

    a8a4d47eb6f58f8cc63a3d82344b3323

  • SHA1

    e30fe2d57b76ce70165f1ab7c5b6fcc5a9e981e2

  • SHA256

    d9bf179f093e28fad4bbf6ae8d4ef3532c51af30fedd75c84e794b70312baa45

  • SHA512

    d7005f2ad2b6828a9b527892d97c34edd6c497e9838eef6d1b238d8ad15bc2692ef3a73a90e574749f4c842b891dc5c3a85f0aa64c332325d2a2fd05cc7d77b0

  • SSDEEP

    768:CgGzpDwCANILGNtlaRU/JUscO57+zH/9xZeKpZ8ZuX1QQtZT4rtX:fGFcPulzH/3ZeK38ZG1Xl4rtX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8a4d47eb6f58f8cc63a3d82344b3323_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1720

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    9d1a0e66f4e4e1716f0fb44e4e3f56cd

    SHA1

    f2a3e1a4cab5b6b52601b04091a84d1d08f90c92

    SHA256

    f889eda317c4cf6d7c84daeecfa923dcd59863bbafd100484774f07c855d021e

    SHA512

    36e53af378346d80efd978e30dc8e31db21a09915e7ef61ec2a5a1a1a3c27fa24e3dc4f15c7a80f87cc1c60bd1e9b007ae2ff754a8be521c9a86f353f29492fb