Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-07-2024 20:12

General

  • Target

    261c6365cd21984088560af0c4fa990e_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    261c6365cd21984088560af0c4fa990e

  • SHA1

    22fa64510ae3efd63bd39748e810f8c21b65312c

  • SHA256

    f36b7e5b55cacf8422d1e53c4c5dbd82c49f956304b2361036dcd5f82c3df381

  • SHA512

    6ad9d3417a4961cd3bf01d786fef3b7788827b7b7c2c536fd6a06e108626ec667d369ca429761e5b4d83e0f7ba90d83c647895c6bf86991cfbf32320c79199dd

  • SSDEEP

    192:tPz4ULMxLIKXHsfyxY4gJhkwRG7dDohMXU2AG/H5YxJRNxnFexSWCy+a3zNCtgPY:tPz4ULMxLIKXHsfCY4aEdDsMk2V/H5Y7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\261c6365cd21984088560af0c4fa990e_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1996

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4c3ebd68e9b65f35e11ffe214fdf9932

    SHA1

    59e6e515ea254c97bc63eaff0c2fb5da7c3f8d43

    SHA256

    98de45a7d744af54a82157991464cf50617588de304988b6d214debe73c91d29

    SHA512

    7bc10fceee3feb6e9bec0cd2427bc0a65ff188c2c1221368c4b35e1e2c7ad952acc81f02eef0f556518df8e982c62c21766c6b4fc3641795efba0f2f4dacc30b

  • memory/1996-0-0x0000000002940000-0x00000000029B6000-memory.dmp

    Filesize

    472KB