Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    05/04/2024, 10:27

General

  • Target

    d1254c3396854eb450657ba496e2fb64_JaffaCakes118.pdf

  • Size

    86KB

  • MD5

    d1254c3396854eb450657ba496e2fb64

  • SHA1

    b13e749c4908a8a9684c4350282b8e8394490c78

  • SHA256

    7959fad2d94ec6a7d499f3c77d197eb205c2635f9a60031f19f4e9b008384c76

  • SHA512

    b3db79baad40def5b76bd47ea154232351d7a637fc4532de785f5fa505fbbbcc88cc1e2f0a7bce7815ae050d4fbf0e408cf1004e7ec1b9cf3a4dcd005e2f2256

  • SSDEEP

    1536:4A6+t7EVIrHbMR0eG59lfICp7E1pXJ4GcmJ34uVO2P9kmWOpOwrG2yZsOWldFArZ:/z+I0R0eIppg1pXJ4GnZ4g0wrByshCrZ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d1254c3396854eb450657ba496e2fb64_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2292

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    a8a196c60479b84862a310d00e871f47

    SHA1

    060459333d04b7698b4299bd94f08065f7f17ae5

    SHA256

    b25a7691e679a9dee41a14c3a9c91d973e188ad1a0a70f7f8fc41602bfa0b542

    SHA512

    8ee702c904e3324c607a6ed2c5b0fd22ea5b69223abf48bb83a8b6749648d2ed3cd8ecc03c539ed96368c377ae17269cd01e6ecbb7f8838c4a577b94fd8e30e5