Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/05/2024, 15:31

General

  • Target

    0ee334199b51225cefb6e4c909525cfe_JaffaCakes118.pdf

  • Size

    45KB

  • MD5

    0ee334199b51225cefb6e4c909525cfe

  • SHA1

    2eb7d8b0400a6db56687f8ec93088f7b62ba2b94

  • SHA256

    b35e1457707919c487ea91e1c51cb92a0c346d7244173f173fd610a46a3aa374

  • SHA512

    a94f34d67f01735e1becebfdbdc39f58dba8870a210a04397934639494719ae263aefce510059246e946292dd90bd2dc58a865b1a6b01cc99fbeb08686dadec9

  • SSDEEP

    768:DgGzpDDEpY1GMyxUL7DjXb9ZYPReZc6f5CTaDDXgIlexVCipLMXGrou/WpZudpR3:8GF0pY1GCDDb9QQc6f5tXgIoVPyWroCv

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0ee334199b51225cefb6e4c909525cfe_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1952

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    21875e6791b20b6a34edaaec3eb6ed6c

    SHA1

    87796dd7f21fac7e35096074b1259bd6f02b9d9c

    SHA256

    203c9ae89d2ce9a94d7e3f6ecb088fa6c570c4abd0247b52c33e041e245f41ee

    SHA512

    1c487a7426feab24b2689d46131f2213c25bfcd96fcfd5a0778eb91aa5485e5d0f4e98079fd6a43662725fe17db5be3a26c13c5292b3342cd484370f8bcfcb38