Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    24-06-2024 10:11

General

  • Target

    07e45135893f8a57938b5c593fd6391f_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    07e45135893f8a57938b5c593fd6391f

  • SHA1

    a71a468ad09119c7188d3f262d96afa26d7072d8

  • SHA256

    95c7f2d6db30d3a7827f1c1a93d579f4dd48324c9dcd02df2f359e958f6cd65a

  • SHA512

    81094874ececda84e898c7fab980364e74c93ebb80e68b39f6c685c7af3e183a6e3af3207125cf5576f6eec5030f54d95e9993f8e1acadec669b2df34ee19dc5

  • SSDEEP

    192:pPz4ULMxLIKXHszsOcLesGKaZb8BQKOVi+h60kCtNtM7vxj0eDHhdKjRgzJukC0:pPz4ULMxLIKXHsAOG/aW5BehkCXmvxoe

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\07e45135893f8a57938b5c593fd6391f_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2176

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    7ce0b88359b60b859a6fdc6c966ad3a1

    SHA1

    b018ffe1361271f33fec6747f9c1dcfaad007519

    SHA256

    5770644a564545ba71dafe5b097cadc731078af753041ba120beba4af9ea30a5

    SHA512

    345047a15e68d2eec50198e0a6c3ee1a5581db6b1709baca20930f84e4236290ff7efb5d0b02a3e66f5769899e722bb73b51b0c4e0c38e0274eab9d5b00a1bcf

  • memory/2176-0-0x0000000002D20000-0x0000000002D96000-memory.dmp

    Filesize

    472KB