Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-07-2024 21:07

General

  • Target

    2636d4a653641ba6807038967f679808_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    2636d4a653641ba6807038967f679808

  • SHA1

    78deefc4e1dda6e74229ebc316031d4c2418c88e

  • SHA256

    8cab88409e20fc39347e514b64c918b8fdbdc626108b5fff27417ae12bbeffad

  • SHA512

    361d7b5d545755d3c79dcba2cdc29d599c2a9a9591744f765f7b271dd5ccb052a261033805d857ac67321e9b5e1ec87e32fb069fbb1510fd4e946f7e66674fdc

  • SSDEEP

    192:VPz4ULMxLIKXHsfyxxdkL99uWKm34b1NMcJ81OAHOYBlrEvh8QtHBhhXwtPai1kl:VPz4ULMxLIKXHsfCxW99bd3A17J81BuF

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2636d4a653641ba6807038967f679808_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2020

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    0bce5d4460d7949cd912e801a93c53cc

    SHA1

    0dd00c2f77e0151646b9b83a9becb435d8a66a43

    SHA256

    9f2b2787616bb965ea0b12617e7a278fbd1a7a908d785053a203b15493b6732f

    SHA512

    ecaf0ff263325f86fad7c142ce74e2da8fec97c8e8794b582671e5b0036b55a764181cb8ee7e7d21938b6f44530ea82ae06cb3518326fcde87fdb5b7c868d83f

  • memory/2020-0-0x0000000002ED0000-0x0000000002F46000-memory.dmp

    Filesize

    472KB