Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
  • submitted
    05-07-2024 15:18

General

  • Target

    26ff62e5ad798d26301926232919c8cd_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    26ff62e5ad798d26301926232919c8cd

  • SHA1

    40a7c56d806ed9f4dc333f9f4f448f45fe253a95

  • SHA256

    ec855d6db318d6ff0257a81bb7228c09b27dbf2b4d92e626510e02670c038c6d

  • SHA512

    3fc6b7097eb73aca9de667612a599561bf58847d8ccab53296ee4911986e2df0aab3f4f61596e5c32d1e2aeff8c45a112b4c01ee7aafa53761ad5a0e8f4d1f9f

  • SSDEEP

    192:7Pz4ULMxLIKXHszsdAJUl4ASIGE5tPBT/qv6BTz0th1gnjRIZgQaAqQAzepyQkCz:7Pz4ULMxLIKXHsAd6Ul4tmlR/qoz08jC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26ff62e5ad798d26301926232919c8cd_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2460

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    603cb81435689666927d719c77d56034

    SHA1

    c63d3096e3ad07adf3cf5ca8e50912167cd4382e

    SHA256

    322416a653808249d946adebdfb0640c5bed067e3bd8780afa9af9f46b5ca619

    SHA512

    5e1acb501979f664be9b35f5272e33017195caad6192b53e6b36225f53f65f02b04564b022b8bb8bd9662a4e9081a02d5da4322f18d4dfd78be8df5af1d78654

  • memory/2460-0-0x0000000002D20000-0x0000000002D96000-memory.dmp

    Filesize

    472KB