Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    04-07-2024 18:55

General

  • Target

    25e1544ed84e86ce54c364a8a7f62c54_JaffaCakes118.pdf

  • Size

    17KB

  • MD5

    25e1544ed84e86ce54c364a8a7f62c54

  • SHA1

    15d41ea5f3942736cc39f0abad85c72d3fb3bb0e

  • SHA256

    594e72af05cfc61089573399fcd4517f0744f4b2e2cd62c0124ccd1e69fcb7cc

  • SHA512

    9fb2b9a366a434e407ca327c85bed252895a89e1ea86b5351aaaf1bf2e821cb928f2223b6ec99a7eda97150e6e7d61e37e14152e1ad4e52deb29985491530054

  • SSDEEP

    384:pPV1tJmPYzafbckLLbUFYDxMDX5KZwowxZ74bnzXqKo5vHNZdPhbHvKVvGGYS:APlfwSXCzIZwowxZUbzXql5vHjdPhLvG

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\25e1544ed84e86ce54c364a8a7f62c54_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2168

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    bea012889f7ab98fb7a6f45fd8cfce34

    SHA1

    9498234d3e03c474f15a1c5a84968472ccdb00b5

    SHA256

    25aee045efbd79da949594a31ff303078d2568c13850547c04f5a8617ad86273

    SHA512

    aa077d7488c32b9923d51ab465d4fa887f477ab7d1d1e18add1a626da5ecca8fa5a32cf4c5ddea1bf4dcce580349827a35ed64a7f07da3403874b5f7b193db5d