Analysis

  • max time kernel
    119s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    16/06/2024, 23:11

General

  • Target

    b5ae6dc8dc7d58ea49a29f1cd6d4ebe8_JaffaCakes118.pdf

  • Size

    43KB

  • MD5

    b5ae6dc8dc7d58ea49a29f1cd6d4ebe8

  • SHA1

    10fa62a50149c998cd7f73ca087cedadfaa432b3

  • SHA256

    10a4ead8354354fb3aa07a9fd271e697c270574fac11da8e9f25163acda1236b

  • SHA512

    518497337d19586d83b58318c90bc5f0b5eeb1ae024499860126ddebfd3d08461b55f482e59ad26ddc81555d63d53b252fc62ff92f0bc95e7a417d9e2d187baa

  • SSDEEP

    768:SXuMZmwgCLWaraE5HpxqB4DO5tGFCdtgP7OcZMPcaqYO70pKFtA/WIm+LGl1lYxJ:SXFZmGWS7jqB4DitGFCdCP7ObcaqF70L

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b5ae6dc8dc7d58ea49a29f1cd6d4ebe8_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3000

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4e06cfdb3cace5b80e17f3411d5bc37e

    SHA1

    396cdc23177e749279fcb1976e2e992027647710

    SHA256

    b0eace8a385add97dc0f64e0c27f5acaeb0921c32c13c5ac73e97beb989632cc

    SHA512

    a77f02f84a473549e29766319f043ca3c1c8051f88367f16a0cd9dbb7e4505d1bf91c700ca7e6dde2e8a9b17e84c3da440346523ac57f983f74ac9f66b84e9d7