Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    28/03/2024, 10:04

General

  • Target

    02c1163fbd431ee3737efc83bed5766d_JaffaCakes118.pdf

  • Size

    82KB

  • MD5

    02c1163fbd431ee3737efc83bed5766d

  • SHA1

    eb33b80f50dca8e0b5ab3587793a8721c0f31e59

  • SHA256

    804592f890093390adbdefb7fa61a5f097fbc80bb36ad1c9b4f18dfcb9085c6b

  • SHA512

    d158107ea216ffe87cac9772d959521710d4911ae487c7b26305e040c20d28cf4eae5b99df444fd470b8fddf8ed8b8b6e489f3bd6e075dfece5fcd5075057d3a

  • SSDEEP

    1536:NW8n9fcO57d/HtGQIETAoKyD8n5JB3Hwwe95bucBW2qpT4Y25pudWXpO/3rF:88n9fDLFKfn/VQKcBqJ25pu3/5

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\02c1163fbd431ee3737efc83bed5766d_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1808

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    0295e3200650c565e79d96dd5a33c289

    SHA1

    b6a16e6f578ca6ed2dd5ab305892cba39cb1135c

    SHA256

    e73c8c6fcfdd99633d161750e16a298e996134455b784b05e9320429e7ac221c

    SHA512

    9e6803f97f18198094554e8db013d9fb5f5bfaf51f8637bea1ac64fa17d43df1ffafc0ff78d46231aa4e32beec4eb033c324b0cc9a74b4c1de179099cd7aad21