Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/04/2024, 09:31

General

  • Target

    e163a1b8353f2c9780d7f1cf4ee620ed_JaffaCakes118.pdf

  • Size

    81KB

  • MD5

    e163a1b8353f2c9780d7f1cf4ee620ed

  • SHA1

    40188124fe150a2d14419fa512a96f8e22022495

  • SHA256

    7621c88b6ac36de8563b92c9e2dc357bb2bcad27b8abbb9c926ae5d8dd004dc9

  • SHA512

    f1bd88d1a43ace20ae956c277e992be3c356c8e04fb402c1df2e10c790ff01d795b186835235d53bac2ccd02478507abed1827dd748c969ccd74e1ec372592c4

  • SSDEEP

    1536:0/ldYplVGyyfBKZzlUiaJ4N8YwEjf8fd82aJMCcjnKWnthNbyJW8pO7YrCq:GlOlGPsl984N8YwEjf8F82aJxcjnpTN2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e163a1b8353f2c9780d7f1cf4ee620ed_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2924

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    e1e069b34a68ea15b826c7053882625e

    SHA1

    c5471194672adc124d14e21110699caf4774d3c2

    SHA256

    0a10ddd3c3becb1ed3810a87d8d2e00a31f80d14cff806817c96f51be33a76f7

    SHA512

    a0f2e707710d0fb67f997a0f73f33eac77798355f33540112c780c487e99d78449c3d70a7d24a73fb8fb796a534e5f2db6117c283dfd72116a84488a80c01ecb