Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    24-06-2024 07:12

General

  • Target

    071ea84bd9cf4878a0296f000e4e7d3b_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    071ea84bd9cf4878a0296f000e4e7d3b

  • SHA1

    d1029b20eedc8bdc073672bc979c6c5f60ce26a0

  • SHA256

    fdb6ec73bfa93277085364277da3e2c7a255001e42448290dbec41e6c1c37787

  • SHA512

    8b52763ef55bf55eeb4bf14a35a3bf1b28b3e34078531f6bc0840fa481efc791676dd1bb9fb69ee673a28a1db784941eaa8481aa5b70ca0ba0c5991d7164ea68

  • SSDEEP

    192:iPz4ULMxLIKXHszslf+6ahM4Pm2IkGlsyoCBP6ERTAWBqAB5UO8ooG/lkMIXTkCw:iPz4ULMxLIKXHsAl+6emUGujqPRuwB5r

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\071ea84bd9cf4878a0296f000e4e7d3b_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3064

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4e5e03b2aeb5bf860adead859e726a07

    SHA1

    5ac9438ac1dc85cc9159ef5e199ae5bfc051a4ac

    SHA256

    8e2be4a5ac7b566f1167c4aa27d6c130063c9c6e2a1238e80dbda5a696975086

    SHA512

    c362c5b3b6c05f8ecb925e0574605f543841602b5f015471d00afdc64b19f328150f21fb4e78603019945a9c369da9d6d3a6b1ee0ddca82fcf53c702ee33f7fc

  • memory/3064-0-0x0000000003F50000-0x0000000003FC6000-memory.dmp

    Filesize

    472KB