Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-06-2024 01:49

General

  • Target

    06fd680914fc0b1cdc4763a41ae1180c_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    06fd680914fc0b1cdc4763a41ae1180c

  • SHA1

    0f526af731d561ecea5f8d1e6b2398493c165c07

  • SHA256

    e9b211be77faa021b95a9c50d8be52019657de140c13b9cb447d5a3bcf114ebe

  • SHA512

    a8e19bfb50442af887cbb9594bf85fe10ab40fc84bf1590bcd4c5063d2d45b8b72d0844974e4a0f0ef8ac860e2c3c99dae714bea16662aa189118659b4e7ccad

  • SSDEEP

    192:pPz4ULMxLIKXHszsVz3Kw0zbK8RL3eyeTUnulwgcHKSNsHki7rUpd/3NjxlfVLPQ:pPz4ULMxLIKXHsAVDE3RLB4UuCgcHKLp

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\06fd680914fc0b1cdc4763a41ae1180c_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2072

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    8f5bc6a016042f135cb37fe6df274694

    SHA1

    81d2fae1612d1bd53d7bc8966facbb675dfd5c47

    SHA256

    284eded0aeb792394ba1b0c13800690afbca976c972b415347c58d7c30271622

    SHA512

    621542e7c9a43edd67dd7c8cc7e3a36cc13d13ecbbe2d0cf47b811b0e949e1fc5df603c1d8b6fcf7933363f65b179e0b0ef4e5c77331fb486a2c9e66dc945958

  • memory/2072-0-0x0000000003CB0000-0x0000000003D26000-memory.dmp

    Filesize

    472KB