Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    19-04-2024 15:59

General

  • Target

    faa76998f9bc4c00c6bb02c40391d6c7_JaffaCakes118.pdf

  • Size

    85KB

  • MD5

    faa76998f9bc4c00c6bb02c40391d6c7

  • SHA1

    75d49b8947bacceb20a5e32fd868d12510ca5db1

  • SHA256

    eaa5ad1d202b18538778dcb180a2a3c296016f65e0a0ecf81649c6d662a4b1af

  • SHA512

    e37cc39824afda40ffff56bb5ecc9be4ff32834678a81ff713d51a7543fd54b357f5c30bbe90d8d1eb3e8af0d6704c7a720f3cc9edd01277b1278c51b3cdbc07

  • SSDEEP

    1536:+3C8FhYd9kfCni2N7Yon2Oyyq+O01whyeGUI4XTvJ++43Wl4k48MXWOpOaZ9LtQg:xd4sFJq30AEU5J+u4KMoaZ5OcDjJ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\faa76998f9bc4c00c6bb02c40391d6c7_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1908

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4d90b0b344c718ba702c7da8f655b6ba

    SHA1

    4fc81da129c48025687437885c96b870f456c12d

    SHA256

    f42e5a0f20bf0f5283bfc6a63ce5eb102930de5ce31639ff0b020f2fe5db7ee1

    SHA512

    704cf74d2388ca4ec2e31e2eeecdf827e285f5e89fbb14f4b25c384d6316fb346bed6ec6e7d77a59ef0ea982d78b352c253af0cda0bcbeff2e7adc4a87e8cdaf