Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    29-03-2024 06:29

General

  • Target

    1afbc7819079665d0ebd5f3c06953493_JaffaCakes118.pdf

  • Size

    83KB

  • MD5

    1afbc7819079665d0ebd5f3c06953493

  • SHA1

    a994eaef5db61f67ead43f29c5ff40d09045c6c1

  • SHA256

    d1b3b1b5f2b8d299c5686529b891b0457f27a5b62fbba176cb1e7f17775419ac

  • SHA512

    9234e9f0e2bd256140211b0f6a5d244f8d4fa96155f93254445b16ad653518ca86ecd9bb68936de0caf15f496c9f30edb96a7cf9c513d41ca69c434ee31106f4

  • SSDEEP

    1536:ZsXLwXFlfdfN1fs0m39/37KbPX+8BhwOfy9SLG7e/V4d9PWVbIhNESPWepOy+WnY:KUX9fsD/LKbRKOfygCqqwbIhfMy+Uw8C

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1afbc7819079665d0ebd5f3c06953493_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2064

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    052321e101b753828bfb71a0609b3d1f

    SHA1

    eba516cb06331846ddd7896f65b288edb381c792

    SHA256

    3685b0e58a94f7fe3defa1656bb3b8271e572d8d8ecd0b53a01ea53170a6764a

    SHA512

    f5264d9693ed510ededfa24faa4d2e68342ceacbfd9a520c8cb5a5dcb63c31f55dee8797b37d5f768e5af352841cae7b7f641b4a89ad735ea138ed4de5a609fb