Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    21-04-2024 18:20

General

  • Target

    ffe1ab66aa1f5fc73b211aa12c2e59bb_JaffaCakes118.pdf

  • Size

    73KB

  • MD5

    ffe1ab66aa1f5fc73b211aa12c2e59bb

  • SHA1

    e40adfe964eab739116733018e1cf94d65f2f9f7

  • SHA256

    80496e0fbf389f19f0916b2ec3e989d0b29161ff0a3d9b430d1e55c74d34402e

  • SHA512

    aa5d5d22e6fa0cadc754b1e817379c849a6b56c40f5bef4c77ff663e295e0eba2f1c2a5ba498b1b4f3adb1d919003f51061ef841fac03ef7afc06aef3d1ee2fb

  • SSDEEP

    1536:fc+mURI/bZnv5OL6oa5LWOpOwrl+fWWw6LtS6fBfjF31Q:EzUR0Nvu6oa5owrwfzzb8

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe1ab66aa1f5fc73b211aa12c2e59bb_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2528

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    f266c7147b3ac9d9ea0d43d5c73a6d6b

    SHA1

    c42cf37c20bfd0017f015087b21859c33215b0ab

    SHA256

    5611495556c1634014eab704f3468873c5f4ae416fa2875dbea9b009e8d43725

    SHA512

    083bd3f500b8cab7dff255655d655346f5d3ce20c5c1fc0f613b5a20fe2069c8afbde8b5b5a3ade2e195860eba926e137000324af8ea5465a7d48b4d7a3f0115