Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    05-04-2024 09:24

General

  • Target

    cfd8bf23257fc914b87d2dce386ea45c_JaffaCakes118.pdf

  • Size

    88KB

  • MD5

    cfd8bf23257fc914b87d2dce386ea45c

  • SHA1

    ba7ac7888ca24303ff269e23c95b5f4f6feda9bb

  • SHA256

    b339a0fbc18f55cbd33d63b8a7a093689d3db3a7a6111a8839999edcf1075a05

  • SHA512

    47e90df4fcbe8d89c01adcc51c7befea04aa8a005ba77485276bd4ccb7be6e7b2b13146d9773418a8662c93391111226dd391bfebc6e8a68fc440d12e1e2ef69

  • SSDEEP

    1536:Wi5mYuh4UbPGABarIF8saemnXsh4oKZDG8y9dWkNpOPBxzlWWTZ/pJ9fc4:j5mYuOUbPGAf8vemnXsh2ByAPzlZZ/9b

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\cfd8bf23257fc914b87d2dce386ea45c_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2164

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6061e8ee0d0acee3345b3c96982ae1fe

    SHA1

    5f104c471c505c089f9dcbf03e76f718c4f123d3

    SHA256

    f3177d1258ef82c0f470bef5ea2f3aaadf11e8a25dd92688c6515ae902071f40

    SHA512

    89f3b7bfd871143d7ab45702e5872b85fba0834a7725515ac4a8a287bc145bb3cef166e1a0acbb25b5d01c423c3ab362b611ca305b9d8cc7d6655214c31c972a