d97ec36f14e95b9d191e0e9c476ea124afbed8ce0c307fbe55af8c6387797b31 | Triage

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
08/07/2024, 06:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2b5c76ff9694b573650e81b7275b0b1d_JaffaCakes118.pdf
Size

2KB
MD5

2b5c76ff9694b573650e81b7275b0b1d
SHA1

ec22f9cb5772e2aa73438fee5ff72467725e765d
SHA256

d97ec36f14e95b9d191e0e9c476ea124afbed8ce0c307fbe55af8c6387797b31
SHA512

aa3a73690f76db4bb611afcc24a2da1a18bf056bb7803e21af18f32b42c1987fb8b39e070370b8424858fe3f38520fd0d95db80542836758dc86b0cb750ea088

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2440	AcroRd32.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2440	AcroRd32.exe
2440	AcroRd32.exe
2440	AcroRd32.exe
2440	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2b5c76ff9694b573650e81b7275b0b1d_JaffaCakes118.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
1cfedbbdd45ae77b979c06e82e053e88

SHA1
08da17b1cff6f8c947d999503a5f83430961ce28

SHA256
a6aa75a2b70a7b8140bada7d3073d651b1bdc14eaeb18e4ec33fbfcc95ba9aec

SHA512
81e09d96c5927d911be042e25fe940beaf5796f3b79cad28ed5de3c433664c59b5d03c2e081237cb684edfe78015bb93b9a9eded683c1822dc7ff4408ad24970

Download Submit