Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    04-04-2024 19:52

General

  • Target

    c14895a8fe56f7c9a583fa1ca9b04772_JaffaCakes118.pdf

  • Size

    80KB

  • MD5

    c14895a8fe56f7c9a583fa1ca9b04772

  • SHA1

    ae49b539c19bd2c1893c283dc4d04e32356379a1

  • SHA256

    54164f9b6121be3634398ff2332a732e3821a1746046798cb9c1784bb2ff7914

  • SHA512

    6f88ec5d804877df8ec2af0db8abc061ea3828fcbdac763d5388a2ea188b00e71499abfb8853853892a50f136c08782fdef66a03e91f7ee85cbdc0c8b286932c

  • SSDEEP

    1536:2yBxFcvK7C5lO77LtU42MkhcUqFG+vNYS2MeUxXCrWJZfSbd0yWOpOwrqn+K:XlcvK78O7sKUwG+vKSaUsnd0nwru

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c14895a8fe56f7c9a583fa1ca9b04772_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2848

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c31629ff8f9ed07dd55103777cb4c8f9

    SHA1

    36d5ea3378ae7c17d00467c559820288035a2670

    SHA256

    1fa3acc9d3dfc92fcf64834433b1b1d72d8cf9c5d2d79c2b122de9dcdf112ffa

    SHA512

    ade23ccab473718ebaf70db10c699be9bef12392eb5095afb57f2313e00fd5b060898a44d511f155ea1394c873e7f0fef0a3c35c4ec4389b8166afc6446ef71d