Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    24-06-2024 09:03

General

  • Target

    0799a5d41d13a866f5a6e9da96b5a72d_JaffaCakes118.pdf

  • Size

    16KB

  • MD5

    0799a5d41d13a866f5a6e9da96b5a72d

  • SHA1

    73bcf6846d193d210e92c619d4b506ee085b07fd

  • SHA256

    72306436ddeddcf04b62a3a348911064cf4b1a7714e1c7d1ac42c2bc3067e98c

  • SHA512

    5f599a77dab78f81e872bba66f6376f2a95006ef5381303e38985ceacf9ebb063a87518b8998f5325fda2cc7359c18df956dc57e4b8f419dccaaeb882e62f0cf

  • SSDEEP

    384:xPV1Ds+FJRosa1hY542gimcPRY8Gh3vVHBXO/nA9mDCgVg4LQlm0YLVcPGGYN:RpFfos1giSNtBXO/A9mDrLum/LVd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0799a5d41d13a866f5a6e9da96b5a72d_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2976

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c6bf808a30470f22a01247d2fa56045c

    SHA1

    a368a85f111bd149633e408c4e1c5f69bf592a66

    SHA256

    bcb3cd4f92504df1a000d71c3a5288754e7bff9173fdd32f38ec5c543c9dbb10

    SHA512

    1c1709e0f30eae5fa422cc4fe6831562d2c211857bc1fa8c03963ab44808042021fae4b80d6f70019cbb48acc9334b1242f64f42b718e0cfea994ae52f05d909