Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    05/04/2024, 00:17

General

  • Target

    c5ae86af79e109f8feba8567ce8ca2e4_JaffaCakes118.pdf

  • Size

    81KB

  • MD5

    c5ae86af79e109f8feba8567ce8ca2e4

  • SHA1

    5a2577e6ddb711af916d9ab4f8852650a2383138

  • SHA256

    ffdd8ce71d4f39e6c7f0b8882da6ff8d920f698b007cdaa2863ee8f318e28f00

  • SHA512

    2222d3107e97f30089c0b5921dab4ca2680dcf9dac2e1699914686a3d4db6e91a46595cba67c3d3f7e4a68645ad92cbb07bc0a376ce0d2c641ac13643e3a33bc

  • SSDEEP

    1536:HpRf/ZwvzAZf669D+VcTSAm7CHuNiWCpOViIW95OdHrTe100JBVU3AycBi:PHZI2fh9DocTDm72QViTOLTG00JHHyl

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c5ae86af79e109f8feba8567ce8ca2e4_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2864

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    57266f8ee5ec5b57463f8b48f0c9e80b

    SHA1

    7e70d0dc21160cde4d68e7fdcc3455aecba8c782

    SHA256

    54487f5469f26bfd09523d5a5f8457d4adbba58534ebf8bd77828ae32dfcfb8a

    SHA512

    fd631537a17b5afe054f713cb1018f4147c42ea39c348f1e898e9dd17a356c07ff42449445a41c79fa94db0328378246ab8662db98d57a8552de3ad3e9e093b0