Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    21-04-2024 16:48

General

  • Target

    ffbc3921cc2466c952ec0a81817cbcb2_JaffaCakes118.pdf

  • Size

    83KB

  • MD5

    ffbc3921cc2466c952ec0a81817cbcb2

  • SHA1

    d0d0bc437b436bcaf0933f52423f6d76818d87d0

  • SHA256

    0632fa24c23a60dda43311e229aa2e05357e3b6a36460c3f94109916df5cf70e

  • SHA512

    2d8257d4974d757ffdb723eaa6a6cc0770e67a4ad745c76298876758d9e2572a3c42a5edf9ee52663398aeca63f418bdd4ab149343bf251ae0df7b946b9383a9

  • SSDEEP

    1536:qu8+0H+cRYsmNU/2iOBlbEBQdWrh/jr8WCwYE97R/lKmxVyWOpOaZw4Kc5fW/:hMvaREOBlw2kjYElR8OVHaZbj5O

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffbc3921cc2466c952ec0a81817cbcb2_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1400

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3540be8509a23c2c11e0d1496392fe31

    SHA1

    50d387250142e11bfb70504911fa731bfd7727a1

    SHA256

    7f175fc6026ca6021a855386538b279d0a2bb45ddb470aebf1615aabee165e83

    SHA512

    dd8dc5ee4cd01a1cff9a70b75c0d38d249a9bf5c37dadcf39d94c6809c5d56c84dae652c0d2728d0ae10da280a301e5d739eed6f89c494f62a4e435ad02c60a0