Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    11-04-2024 16:08

General

  • Target

    edd1fe9d64b5c4dd9a134f7035f78737_JaffaCakes118.pdf

  • Size

    88KB

  • MD5

    edd1fe9d64b5c4dd9a134f7035f78737

  • SHA1

    b0930ac39be2feed7e94f2daf22b7c50d04c50be

  • SHA256

    5ec2fef63e77907ae1f1a88eacb609247f463b077eeb1d705ef0bda67e388ed1

  • SHA512

    fcd879cf7ab41db07cc9e6493e3da53cfa2898ab009d76ab550d756e9805b386a6eeee9f4b9aa47e385c4c6eec54cd21c0f08208242289ee9f4c18fd1f7b8f34

  • SSDEEP

    1536:lZuy2TxSH4wh59TvUcsshsB8P3rXLeCYsBXK9i85RWxWyDqm2PW8pO+fDS/:gSf2wjPbX6ZsB3852Bqm2G+i

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\edd1fe9d64b5c4dd9a134f7035f78737_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2220

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    8657be9ab1162cb0239d544ac70d8744

    SHA1

    d71f8424c2f78eca1d069dce9449a8eec9a7bb41

    SHA256

    5855ec52959db2a4d3b85a544d025401b9a9f3d2b735bc6366984f5712270996

    SHA512

    bb9a62034d2760ce5ea12c4bc150b0a697f313187db4790bf38c5be692918d4495d4e2da0bb73c3e3a8920aa5e494ee80e2576a57b4438b12cd946bb38d2fa26