Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/07/2024, 21:03

General

  • Target

    26337219076024aaca2f0738cdf84798_JaffaCakes118.pdf

  • Size

    87KB

  • MD5

    26337219076024aaca2f0738cdf84798

  • SHA1

    e24e3eaedd56e84cd633900f34477540dc463649

  • SHA256

    b2338b1c260ddedf458234c3afc4b6dd5fa341acf2c605af0c6a898bb5d80943

  • SHA512

    b5fc18a48aec78e998dbae2d42efdfead19d8dc6c93f8837d4ea71a25fc39de18267fae9dba00592c1ad476b7382a1e9aa19743dfce366e254dcfa696bec6cb3

  • SSDEEP

    1536:fAncgc30F06piQrNSriZFQGSLYrDW3T1q6X6lSF+ZVHVRKW3m6Tu1n5qMR6W8pOr:2bxNS2ZdtnWD1qWHFOVLm6T6nHRB73

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26337219076024aaca2f0738cdf84798_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1616

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    22e5fe8abeefd42d65b7a5df6dcad2ff

    SHA1

    d2ece7fb9f43e9deea2a29f6b912f0076f69153c

    SHA256

    3b233350900ff45a93c26a170163e9d952134cd409431a76ccc596fc4cf7823b

    SHA512

    577513234772571546d5058bebc449f6c311f58f85260847ee8d51e1d71f00a90ef9447c66b2ce898fe25d0b152a088244193eadec748c13131464f43ac20e8b