Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-06-2024 08:42

General

  • Target

    07824e1bd24919cff01a1a229fbc76d1_JaffaCakes118.pdf

  • Size

    16KB

  • MD5

    07824e1bd24919cff01a1a229fbc76d1

  • SHA1

    fde0464ef84701dd10eb3cb2c27f92ce572880eb

  • SHA256

    3c1c9f461a3602a419f0e8f2f65d09db3990b531d18e098e88d0a5193f8000bb

  • SHA512

    26ad48385a50e88d6625b3b8cc5526c01f5ecb1d2a0e3d9861aa9df89594c8e09fa234650e4f5086d76b46a3fb8a688b1da72b07cca479ca42f797af5b4f7cb5

  • SSDEEP

    384:LP5uqkbRTYGPvzSPfFDe3LVqt+dwtBmfjMA94npbDa5Om025Nt2df/gUsYH:lGP7Yf8LVq+QA9YdDVD2Idf/gUf

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\07824e1bd24919cff01a1a229fbc76d1_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1768

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    08bfe795ed70c3296280ba293b76f4cb

    SHA1

    4aea6a0a3d46489d307e146da8e25cfb0f0aadaa

    SHA256

    36c16fe1ce4271eca394b0f331016b863a8547ac0ce11273c1945f5e6970060a

    SHA512

    292fc6d7b8ad751a9a5138149b1a5dd9b3563305d996e7a75b34774b4fa1304fa07f0ea715c8b1b676944825a390dd9389f6f7e29f7e42f68f4913b5bf9c00bd

  • memory/1768-0-0x0000000003670000-0x00000000036E6000-memory.dmp

    Filesize

    472KB