Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    21-04-2024 18:26

General

  • Target

    ffe4b02a42bb6baa4fb02b3aeb8d0e23_JaffaCakes118.pdf

  • Size

    83KB

  • MD5

    ffe4b02a42bb6baa4fb02b3aeb8d0e23

  • SHA1

    2f31afd545d4e3b4c5610364421c286fc93f889c

  • SHA256

    3b879f4505f60f67d8aa1d7a469f16d6358f36ab09572885a5d82d6f3b12940e

  • SHA512

    31d0f5785655faa774b6428f4d960efa7071e2b0e3971e99a2f806982fb79311d6e9f2e3410e30f0af4934834fe8b4feab6f48b021b20fcd965fdae6c375fbb3

  • SSDEEP

    1536:VRxb5xBbwG5Anh2LDC3j3Em4hnaUz2SrjSVWGpOKCWvKSuF9tq+wbhDtC:J3d04LDC347hacNdKcnFq+w18

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe4b02a42bb6baa4fb02b3aeb8d0e23_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2412

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    c8bc2b75a0dd7d96675f52bc985bb2c0

    SHA1

    ffdc527a8c706009daa4f2834fb34418b294a227

    SHA256

    1f22c44711affd614de77a7760b99d3d15b139029b4de508b9e1d5c77a6d3e9d

    SHA512

    e3bf291ea8ce40c66d204ae2e4a34dc1a6adea6db4517b12bcadab9c234b13462c5d517550ec39bbaab3ade8beaf029e2322906bdf4d1d53b6ab6dfa5db0e59b