Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    15-06-2024 06:11

General

  • Target

    ad1f960f6ab63e1a1f2a9b242cc43001_JaffaCakes118.pdf

  • Size

    42KB

  • MD5

    ad1f960f6ab63e1a1f2a9b242cc43001

  • SHA1

    1fa1387308376982ab9d15391e78bb20684f29ae

  • SHA256

    496777670cab263a8577fa5bebcd86011f9f89c6b3e4d2aa793e50153f297a76

  • SHA512

    10363572f7a9468fa35096ee68487579ddb362c65b3b934fe899a230ee8eac46fb4f565aa50982e58f01ddc48e42929ebf72a2fd507d3290b7896d81c2e1e3be

  • SSDEEP

    768:1XuMZmwgCLWarDE5HpxWcw264L7sMuUd5UCkbDzblcNYEtGtY6qQnDiL/9sIE2IU:1XFZmGWSMjWcw264L7buUdqCkbfblcNL

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad1f960f6ab63e1a1f2a9b242cc43001_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2944

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c7938c33044c2ff1fac073985cec3649

    SHA1

    611406207b1d2e0212caf6518a4e57f3537a20a3

    SHA256

    81823446646c526e89c79f6f9be75adbfd3069453836368e151f5fe22f452c18

    SHA512

    fc3cf4d6477bf5203af8631502cb174f0bb4c972741bec640e19f29921346846c833a55793939e4dcbe1d82c3771ce2c358cd5efe66f6c392f89e1740905d4a9