Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
  • submitted
    06-07-2024 00:04

General

  • Target

    273880dca7b7611302daea1523284c5d_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    273880dca7b7611302daea1523284c5d

  • SHA1

    3d34c2294a7e17ea436c197451518e82894d33b3

  • SHA256

    3338deee842c33ce12f8a802af8cbfc5cdaf04903ab7f47290c11ecec1b09e95

  • SHA512

    ce3f4fad4f15dd704622940d9c7f9a10cc399071cbd4d4a0a0b64e701c15f47c34181a8f858474d5ae366865cd94560e3518b94f37ab3fd1f89e89b61e12c243

  • SSDEEP

    192:jPz4ULMxLIKXHsfyxOcDqt/JkL+7X09cLfCZcpcDVocsXiB6FcovcN5bjga6xKk0:jPz4ULMxLIKXHsfCOcetSSicLdposyBD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\273880dca7b7611302daea1523284c5d_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1620

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    20f0a74f18216bd078074e4ed440bacb

    SHA1

    57c270eccb935551a343d89893f70b8929685031

    SHA256

    34e0be1ff8cdccf698f7095340cc48b00d4301d1d92cd486bf0eb27dc6804eb0

    SHA512

    3f632437bbdffb4c8ce751331d5c90f57ac3bf48087fdb07df6342a729339eae3252446cc861e820b3b33fd77a0e8ff81af3ce8cdb57cc423c1f1a0a3d7538ea

  • memory/1620-0-0x0000000003010000-0x0000000003086000-memory.dmp

    Filesize

    472KB