Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    06-07-2024 05:16

General

  • Target

    275e2446aeffb88434385092a52b37df_JaffaCakes118.pdf

  • Size

    9KB

  • MD5

    275e2446aeffb88434385092a52b37df

  • SHA1

    f882a9414601216c7227bdda2a39d3a73fdeaea2

  • SHA256

    756dca4a5046f1960efa0dc3cfe66e683a1537b54e600fc68c5ac3c3161aa0a2

  • SHA512

    a09de1d17649ca5f4559c8d22f57432807d1f7b87ad2e96214edaca247a48ab8b37aa88e5904bdd95861eab9b446f609048b44a7935f5d2ab6f0da869b9c7ce3

  • SSDEEP

    192:4Pz4ULMxLIKXHsfyxSPxVF8FxVN/Dariy1ftUq9t8HEYiOxkXsfiu8y3zBgEQi5v:4Pz4ULMxLIKXHsfCS5VmV+WqP8g2fiib

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\275e2446aeffb88434385092a52b37df_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1252

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b4ed9815ce19cc65876b7d42d4810fa5

    SHA1

    0e88c4106e173335747b9c0dfedcd6bb444d7752

    SHA256

    be3ec54f3490dc0606f0344deb778249883841a9bcf9110d9d573b0185fbd091

    SHA512

    3dd9b343738a7d6c2e83e7be8557a305f3583d949b684a464497fc272b5eae8f1ae410a61bfda2db2c666a3ac44efa7a5f8b17434cb437e9f1d78d011d842b5f

  • memory/1252-0-0x0000000003CF0000-0x0000000003D66000-memory.dmp

    Filesize

    472KB