Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    17/06/2024, 05:00

General

  • Target

    b6e2618888d2ec3a16ef8c80b1fe34f5_JaffaCakes118.pdf

  • Size

    65KB

  • MD5

    b6e2618888d2ec3a16ef8c80b1fe34f5

  • SHA1

    6aef7bb0181ca3ea2bfd9e07e4967571b3fb3554

  • SHA256

    842a97450eefa31fa379b51c2e6b4c9aa7c3647de5e765708a75c3e766ff0bbb

  • SHA512

    1705350a9205f0836324d79a1e8122ac96f9affd2a150c128a23d0ff49784cfa6ac232905c4221f224f501c970a3bf9b0ea043cdc12ff4da6674a712e5e64cc0

  • SSDEEP

    1536:bGFO4ED0svq2sh6c3IRAg9iDRb9GeRbFcutIXX1FHhZj:6FO4EXvq2sh6c3INMtBBRp7tiHb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b6e2618888d2ec3a16ef8c80b1fe34f5_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1680

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    bae1a5570fcc6a447e6eee8bb8a7420f

    SHA1

    55c9b21c0cc8a572dc8c1512d38fafc5f575f252

    SHA256

    8e09949a91d582ddb4b44f9667a29208d9985a510af43a0c1d981866d92e476d

    SHA512

    f2e7c4a5a869c0cf08eb9f6de2759896a500a872ea12cb60976a9313f1af7c90e1c97af8f5c355a666ced04492036206e6238fe9ae5c280e621ea4403600f99e