Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    25-04-2024 21:23

General

  • Target

    001add068eff11b8203d14a7c95f14cd_JaffaCakes118.pdf

  • Size

    51KB

  • MD5

    001add068eff11b8203d14a7c95f14cd

  • SHA1

    4f922889fa2bbb3731ce0f7ab60196a499d1e413

  • SHA256

    08e053fe0a097da3515c67285a29eae89677dcd38b127a07566d4d32e357d4a3

  • SHA512

    5c7faf7d742db02242c4e6ab9aabeca24b8da97e3f5bccee066895b61565afd6a8ce063e950027bfbbc39d5c20a82c35a11c449767bb60040f5cd482ffd14cb1

  • SSDEEP

    1536:OGF9D54KqYosBl2jBvbiBoW1+g5FH51zeKE:3F9d4SnPmiBl951zg

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\001add068eff11b8203d14a7c95f14cd_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2912

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    126e642b25772f90942ba2a5176fbaff

    SHA1

    7f6aa6e7f440f9f5b3e6bc3ed78c1e44fb2eb534

    SHA256

    e8c2441cbc457e31758dbfbd7943dae6e87e479036f276f2073ae88597d903ce

    SHA512

    388d93e889784b452f3c24f395c17d42a3ede7db99e7b6f4199e65c4dd33c2e08cac3115f45aee0335cf61cfe6b62704dbdfc5c7f10cf69273a770db38377336