Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    04-07-2024 19:17

General

  • Target

    25f3a7caf0c932caa3d4351bb6f80be3_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    25f3a7caf0c932caa3d4351bb6f80be3

  • SHA1

    125ceaf8f17a4947a8cace22ed83e69dc63207da

  • SHA256

    560dc2bb158238e7076ed703026f2b32758314a24adcb7cd47bf24570f7d29f7

  • SHA512

    0b13c28a9eff7dfdfb3be23ad52bf98dcaea30a79ddd90c948fc52848a79a7b033a8760462788282662737121a81ac9c76a40ea0fcfb6928d277e654712965d6

  • SSDEEP

    192:lPz4ULMxLIKXHsfyxTDdbgZi6kZpYiUrjEotle+DZ3Hzfor65BCjoRM95SEySoK0:lPz4ULMxLIKXHsfCTZbkegzlewzfmdkn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\25f3a7caf0c932caa3d4351bb6f80be3_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2460

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    943a47532ed6a35636f4c5247e26d36e

    SHA1

    2284b7fc23fbe6bd9ebd5f3eee07252dc3ae982b

    SHA256

    404ff4af7bb8fd71576584f9e7d432506c19e6c99cb6548d3f3e3628ade518d2

    SHA512

    e6baa9526767fe3bff5db85ae9113b741c038351e5a2ca63b213495577915a3d284b16d7a94431b151c1d2f3b0e6d19164c5ad5da0a67bcb7bdca19b3283fa31

  • memory/2460-0-0x00000000034E0000-0x0000000003556000-memory.dmp

    Filesize

    472KB