Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-03-2024 08:10

General

  • Target

    011a2dc5821e37413d9be97807d91478_JaffaCakes118.pdf

  • Size

    79KB

  • MD5

    011a2dc5821e37413d9be97807d91478

  • SHA1

    8b361c01c0f88b9d38722aaebd94a06981dc3f99

  • SHA256

    4339be4e1451ccb12e546fbf9eef06675e8a56462636293891efa5ed7dd86c73

  • SHA512

    7d81909726a28b6f4b28322254657339e0601cfffe772789720c08d9dcf85a7852b5e2e5cb4ff59277867db9f3051b61e28e98b6d2f489ac3509001165e5bd1d

  • SSDEEP

    1536:pcrI52m0dZz4NN9xoyvjPPXmmu/xIL8XFPWhDmyNhRYfW6pOu2W984Ng:92m0vaHoiPXmZ/yw1uayNhq0u2W98p

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\011a2dc5821e37413d9be97807d91478_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1740

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1a32417ee5b36097f03a6d83f5834a3f

    SHA1

    2d63280b244e4a27cdca1566c2ae6bbc01c5d3fc

    SHA256

    ccbd06b67d7174617dfaacc213e47218d0ee8c5ced38f04c73765393f7ffc5cb

    SHA512

    6890ad185960f51eb97891dfd88b2a0b5b8979b6207e74151e134e62a0f78e571d706939fc3388a3fc68eedf39b49869bb781bc998d9a6a88b50af7cb3c0e1bd