Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    05/05/2024, 04:42

General

  • Target

    1606a9d6409c8b989103ba91f012d5ea_JaffaCakes118.pdf

  • Size

    45KB

  • MD5

    1606a9d6409c8b989103ba91f012d5ea

  • SHA1

    d8df4d7584fa21ca8e7284506ba11c2861f6ea29

  • SHA256

    2c0158b3a9b9fe8465dae2d57b54c3dfd363ae367e5751a94791ef2e6576c0b5

  • SHA512

    a9a97e0e00273c57e231fc2fc0b5eaad81d4cbef5d95dce6535fb690f1c452ac0f4e37dcd15c22a3f67b800a481de0e1f3153a0750f0978fb4cd5fdf3cfe77e7

  • SSDEEP

    768:NgGzpDcefVVLGrZ4m99XleyRTx7543cgQlYuQC51jUEiKXmRYt45niL2:uGFwefGRdt7QC51QvqmRYtg+2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1606a9d6409c8b989103ba91f012d5ea_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1848

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c2c477bd33d3f5c73aae608add966125

    SHA1

    002c3940089c4a3d3e496f0c278267a9388e3853

    SHA256

    3defb7a526595eee5859b9ffc18123c3cfd6f07f3e29abc56b4afec074045f4d

    SHA512

    86615c648cc0d9626fbfab5a545cb2cfc4e763725106be8e621cd607a5c155c7cb5bae5cbc96d27f7a0af5b8ff7eb6052c8c93e6c324e4caeb4b6b11021bd461