Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-06-2024 11:53

General

  • Target

    085a4a1870ff7499899aebbaf76cbdbe_JaffaCakes118.pdf

  • Size

    15KB

  • MD5

    085a4a1870ff7499899aebbaf76cbdbe

  • SHA1

    04dff223681e7fd7d38d3a56598f5ba8dadda56e

  • SHA256

    cbe193b6639ac44c3724887c3c6cd095577b616f9f81e746c9f2294c04cd30d0

  • SHA512

    d66fb081f260108f750326a4aa132cf70d57039650fb86566ff644eeb0d3fc6caef88eafd0326dbbe1a11f04c677a77b029c84304a7364deaa92eb3316079913

  • SSDEEP

    384:YP5uqkRnO0G94JRlQbHztVOOgUtzQkASn/zqynPljNQ4yyg0ylGvuH/2gbYI:TO/94JRlQHzOOgarJVnP9C4yR0PvuH/5

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\085a4a1870ff7499899aebbaf76cbdbe_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2236

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    fe1ce1182f9294c278493fbbd0b17d92

    SHA1

    b88ef820c407d59f9f02002ed4cfa47fe3d70f4b

    SHA256

    81f49b41f822aa9087b11f5ebcdf829685e737369fa8e17f5ef7e61ea33c38d2

    SHA512

    493b6b3e6433d7ab9ba112a3c322ec5d5f3451dd461325abfbb675fb5ab72a48a07ab18067f01df155617ceb66b88950e89d6096ef006b24af50018f1e49d5c9

  • memory/2236-0-0x00000000027A0000-0x0000000002816000-memory.dmp

    Filesize

    472KB