Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    14-06-2024 08:36

General

  • Target

    a8c3927535781f69be3c84ce3df5e0e9_JaffaCakes118.pdf

  • Size

    36KB

  • MD5

    a8c3927535781f69be3c84ce3df5e0e9

  • SHA1

    0b461b63d631a52c1e289aeccab038aceb260aca

  • SHA256

    a389ea77e2ca7057bc2c797705b84d44292859f41615191c77c1649097294de9

  • SHA512

    14535f2ff65bb6fe7a384c053148d2f15526b927964e334ba62c9e64ddf786f45f1c0d6f593a55599665c7481fda0d465d540d89689e5e9d373bb16ac80fdaa4

  • SSDEEP

    384:E/QON8MUG6Qgw0JZCTzz02YFnarX/AGpSmldYm2jExJiGf6aYy4plgk1eKE4Bi3U:EXuMZmwgCLWar1z62UoTUrTlaE8e7xe0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8c3927535781f69be3c84ce3df5e0e9_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2044

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    685f34fc7efed224fa53be1d01598d60

    SHA1

    3ec1962ba9304f40ccf9df2df7bfb9efd464af07

    SHA256

    d8008d22a4de4264659a8d3f1d564b6f66dd3263566b3c05a2afbb658b609752

    SHA512

    4e122ef506b6d7792e2cec4fd3e98eb33137e3e99856002779494301a102aae414e5a08e7d68b67a4ecd13ade47d89ca7a77ea824171fefc573563fa40e8fbc0