Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    21/04/2024, 15:25

General

  • Target

    ff968a8c474bcc1f3023243b23516a4b_JaffaCakes118.pdf

  • Size

    90KB

  • MD5

    ff968a8c474bcc1f3023243b23516a4b

  • SHA1

    6e602606dfe67f45b066d59cb76bd7db65e35722

  • SHA256

    7f0b8473c320ff8612908489cb69eba088b60fa4c2173cf89351faf2aa8f061c

  • SHA512

    6952f7024ccd8f616bc7d21cc4b9bcb7eb025a4fb111be61c8bbac1a44427e0fd260457af2431c2146c3a3d48391a8642256b2441f012a0a99a1549e5726ebf9

  • SSDEEP

    1536:z6aGVo944LQrOAzMqpZeyZhD9yKUxQINyeB3lQFvuGfWYpO21Sm6AGc+WnnG3e+J:ea6444sqAzpZXv9yKUyuye1lXGe21l6X

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff968a8c474bcc1f3023243b23516a4b_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2772

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3462635a9e7f5086d32611254e589d34

    SHA1

    c2650e5ddc4340a4ba1776f3ada043d4d981cd47

    SHA256

    78847e65d015943ffa802bcbade8d620741d22e0dafc64634092e9cdce4002fb

    SHA512

    a07a4c2fdc1407d4e7fb54bca62defb8d443112724410088817ff4266063af6752618123933f2bcd69788d6a3845dc715562cad3f82a1a15851421b926d06a7c