Analysis

  • max time kernel
    119s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    21/04/2024, 10:44

General

  • Target

    ff19abce79f1d153042daf9debaa2b8d_JaffaCakes118.pdf

  • Size

    176KB

  • MD5

    ff19abce79f1d153042daf9debaa2b8d

  • SHA1

    b2f6f553516b3cf4df048b6cea319cdc73837096

  • SHA256

    65cb498b647b0d6ebcc2256db152fd407b7388322d9f807ecef81344b380fd7d

  • SHA512

    71581b25d4a8098b49e20fd1693af9049834e6bd5f9df124dc8a90b54a375d9a5662cdada2cdc9c7da28910eab9fc00fc6ec6cdd29f00c51e8ebfc23f62dd5d4

  • SSDEEP

    3072:2bIvFRGa19fSrOMSMrZKG8w01sZzo6uJmNJR454BjkizwkJ/39Og0Kxxja4BJjwX:gGGkZfMpKGd06zo/E+54BHc00Q+xA8P

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff19abce79f1d153042daf9debaa2b8d_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2168

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6bfbe8515b85f4b3cc3b68449a5b45fc

    SHA1

    8cbbf548e44b1d276d9392e904f95c05a2727464

    SHA256

    bd8a8638f82f9ddcc90f111b6d6162926971da7840aab45cbabe8ee8e17762dc

    SHA512

    0e7203572428f6bdf913623793d6f687bc75916db7243c54c83e0fa86ca4eae5b4c6e3c33c4fc306a662809d4d65f93b1a12ab1c077f4704e4adf91f8dc61f36