Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    06-07-2024 05:28

General

  • Target

    2766a216d4389d24d0a6ff68b6d6f273_JaffaCakes118.pdf

  • Size

    15KB

  • MD5

    2766a216d4389d24d0a6ff68b6d6f273

  • SHA1

    4a60a6b634a0396dc1a3124b0d20ccb6da859cf3

  • SHA256

    da3d7ec660dacc37029c2e462b8f2b4b12fcb428d0c6aed04cb2a77c9804ea5d

  • SHA512

    1a9f74f7bf81d7dd441ad216aa5a3a77fcc81bc71745629acfb23da1435b0be3118fc6ccbf9ee94eef65b3e9c698225e6f2a623aad5e389d7af1110da67a6280

  • SSDEEP

    384:nP5uA6SkJ1OZgVcL2mouNvFMh8tQ9JhI7A98ik+hobo9kNmQq5OD4KYx:qONSmZFMhV9JwFiJhtqQQ5m

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2766a216d4389d24d0a6ff68b6d6f273_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2792

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    558517d123b63d81c5ab036afdda0118

    SHA1

    8f83b4c7f550ee4c4e67f484e65034a125cf59d8

    SHA256

    e88cefae7b92d9076938f999d4f3ef97a425654dd882b196b953f7487e1a47ce

    SHA512

    9792b5d30efe32215776d2b591067488f68126d7f118184c0e423a4e6e13219961d7bc1a55f4afba277f7125775546faaf78d01aadd2b71d393d65c7402258db

  • memory/2792-0-0x00000000030B0000-0x0000000003126000-memory.dmp

    Filesize

    472KB