Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    21-04-2024 17:28

General

  • Target

    ffcadd4aa019ff1a65a51eca5f7c617a_JaffaCakes118.pdf

  • Size

    85KB

  • MD5

    ffcadd4aa019ff1a65a51eca5f7c617a

  • SHA1

    ec3ba402444c78919b47c642e851cd8d97f7e6ca

  • SHA256

    a8a6ce4e3ae6ecfeb17eac258839c5eed09ecd5a504a49bf2377555866c738a4

  • SHA512

    065afba41343edc23cec66340a404bd7df766226cb9f2858eab4dcd1fabe95841e8241e02086674d0049fceae3e5315c3cd1a2ca3db067058661f42bdaa90fcb

  • SSDEEP

    1536:ewDPf6uhbqSGXDBZ/AfdRHfxlKbJ1MQRWapOnBbFIWSIbE8QpW1H+ZApcm:ZDrmS29yfdQJmrnBpC2/QRZi

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffcadd4aa019ff1a65a51eca5f7c617a_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1252

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    449c939295e0f99a9ae95c318d47b49b

    SHA1

    a892f70da381d9d7ff41ac15b8e67c474c4758bd

    SHA256

    8846e90723cadb3f342501c30a5479729a6091ceb08f2462cd633a069303ab29

    SHA512

    4ebaca1c50495d2d9fccbdbb21e5d62b7eb4026ab129672ff59a17fd6bd2e7088967eef20fa7fec94a6359f0861e2e406e1e90ebe6f2ab2b0c7a6dc74555986e