Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    24-06-2024 12:52

General

  • Target

    089c77e08df54c079b4bf77e90e03743_JaffaCakes118.pdf

  • Size

    8KB

  • MD5

    089c77e08df54c079b4bf77e90e03743

  • SHA1

    7f7bbdf258af84239f3452f7b3d450d3799f6c63

  • SHA256

    b6d0bbe15f2941b663f228b801c452677700ee275762aa91d04f006c1e6710c9

  • SHA512

    b9c512b4a5e64bae6e517e371f3dd2c68c3c15bdcd352ecedf5a08489dff47876498df77af05b99bb49a2dcf86508c05d3f7a0c13db4909d679e8bb26621fd11

  • SSDEEP

    192:gP5u7kLs/CP/VZnpaJeEuPLKqrMpKK3ZtGIItQzV+zXuyykYO:gP5u7kLsaP//npseJPLK24ZtYteLfkYO

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\089c77e08df54c079b4bf77e90e03743_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2896

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c6a1ccbb5b26c6c8be9c54394e122b3c

    SHA1

    693b3a223adb0dd77bf6f7b27f3fe7946200511f

    SHA256

    64b06a05466be9f554f5945e0e10d9df5a5bae02e8b45d6c4adbd1eeb7678e1c

    SHA512

    38da0873cf2f99ac0407017297c1b7a6536bac8358bd244d200441a62eb4d9b32f89163c0b6a2388008fee736dd36d2b606d78638b23a34404c0ae226e2d5e5a

  • memory/2896-0-0x0000000004170000-0x00000000041E6000-memory.dmp

    Filesize

    472KB