Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    19-04-2024 22:18

General

  • Target

    fb49c94efee56c71ae681b0473f473d3_JaffaCakes118.pdf

  • Size

    48KB

  • MD5

    fb49c94efee56c71ae681b0473f473d3

  • SHA1

    934fff1d2c8d977caf22095acf896cb0589e9c62

  • SHA256

    343675f98b034774f8e47a1df455cccdeadd1b7108d90df7250af365094a621f

  • SHA512

    44b0b31f4720d63b2a9608d506a4a34df12f12cd6ac7ecf5cb5eb2c5c51d196791cf2bd222adf5b92881237d2e6925e1203f16aa14dc5c1a296fbcf59c6de381

  • SSDEEP

    768:XKPhGC23aYPcZ8WCIjFfiP5cz1zJq5LctIXJuJUpnTIknSl+ij:XKP0FkZtMP5KdJq5aWnNSl+ij

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fb49c94efee56c71ae681b0473f473d3_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2092

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    fde9125fd4319a067e0499dd246e4415

    SHA1

    c0d538ff3f8e882bc1598cb6886f5144b476213c

    SHA256

    77f79f361f7cb31b40dd056a459252b6af010f8b8086f3e5d0e8998d2d233152

    SHA512

    e86d8a5c2583fc0e78a60fbf93e45768e72b739d37b25248552a80fee18f170493396213bacea3d6a4a28afc99abc3cd8a072137a72e360ae127ca8b326d628b