Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/07/2024, 11:33

General

  • Target

    30344fd6a32eb0a88f0e62789f4eb6ca_JaffaCakes118.pdf

  • Size

    118KB

  • MD5

    30344fd6a32eb0a88f0e62789f4eb6ca

  • SHA1

    64d20ebc1e8d216cacc679b26b0bfeea02457ac9

  • SHA256

    ec3e1c3cdf8c9b407c5eeec0119cdbeee11217b208ff7d6978afb904ce2ae7c1

  • SHA512

    ec5efbbedcb3394d663f10a41f6f037c7ad2ebaa9adc21b141dabe780631142c7cd16416ea2d9b1f0fe52fb512de50e18f932ef86b68366c2a4c5de242528ee4

  • SSDEEP

    1536:wrRJgY8QR1gp5Z+woQHtFbS++lZruYCU5np5CgTaA2wpSieVSWapOn6WXM9/t16b:YOjDoEtrYlB6gTbmtnyX6PPI2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\30344fd6a32eb0a88f0e62789f4eb6ca_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2388

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c55849828d57c5b000090c941b95e05c

    SHA1

    9493d26e6e58fe7e4920cd76be257335aaddb93e

    SHA256

    dc6a7e2016a29d37d91ef5d538fc28d695ab10ebdf91cdc33d54e8ecd17b87c2

    SHA512

    acd556fe3d98a9a3fa62d96416f116ac43a320d34c7f666df35f0afa7ed76cd0474a2464491147812b3f420e3ee768c66fb163ca19520b4e7d98684b1b022c58