Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/07/2024, 01:22 UTC

General

  • Target

    59e322c307e8f615fe45a78a94aa57b3_JaffaCakes118.pdf

  • Size

    168KB

  • MD5

    59e322c307e8f615fe45a78a94aa57b3

  • SHA1

    da15778e381bb3f02d5e2022255833e4ef2e763e

  • SHA256

    32ca5ea3bd1b3015689e8a7a2f42d31c0e53eb775da0421ff17d6718dc412e02

  • SHA512

    e2d9645c2eb30d4698b196be7bf8ae0f87e0b2de93ed4151875fd87dbe657fe07c6109162cb24dd32efdab716d44cc7508e7c40ab3ffd4475625d83da6b7bdce

  • SSDEEP

    3072:5UnSFkxOmYt95coQMhv4ktA//Gv0CSxySb0DFV43lDZKxqQfQUWodKB:5pqnYfMMhds/GvCxv0xV43lDuqSQzr

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\59e322c307e8f615fe45a78a94aa57b3_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1208

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6d21d1b38ebe70220b402b09df0ef095

    SHA1

    daa06892055a82db3864ec7e9acb9d4fa14353ef

    SHA256

    28907030cea8d11b8103a6181ce5fea9e1ad7f6364fdeb54e455cd9ccdcc48e0

    SHA512

    2923277e0d8e9e899b518b7e43718097d9cc3733909f37772065c75d8e4b465f8513d880090d1f724dd2c4b74d346f6b056f6ddf48af8d6ed563da70127651c3
