Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/05/2024, 13:09

General

  • Target

    0be0287ac6a8c036089f3a2bdddc1d42_JaffaCakes118.pdf

  • Size

    30KB

  • MD5

    0be0287ac6a8c036089f3a2bdddc1d42

  • SHA1

    c34d203e9dd7fda87c5a5915eea30070aeacb449

  • SHA256

    e0906b760bf3ce44135af2d46cb6974675a49db5731ff87124d781eb335174db

  • SHA512

    e9b17223ee7ec8f3dede8ed8d5313069d39f8e7eaec43f649d6c61d790c041e4343b93d4d58165fec582b850848a31a0ef0666fe901271e406e6f1dd17a92594

  • SSDEEP

    768:7X2aKWcV7anLsptRE1qU3a+dykAKu/FklnM5u:7X2M6+rzsxilnM5u

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0be0287ac6a8c036089f3a2bdddc1d42_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2372

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b4b65d4e07ee1e5349fc03e99c474a9e

    SHA1

    8bc05d66e57034b8904663300390dc8cc5c439b2

    SHA256

    8205fcaaf69ab95407da7c1a9bab4aff796a84220bbaf562aeac324ce7bdcacc

    SHA512

    861c20b8e879717f410580f6c58d59fd63a9cdade3fe086b189e79518d78f89d3cba6fe3a0f031cabc8fd32cf41abbad7bf02068cd7f14ba8e939856a8ccc202