Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    16/05/2024, 01:12

General

  • Target

    48e4d799196a7d6ccf445f6e55520d2a_JaffaCakes118.pdf

  • Size

    37KB

  • MD5

    48e4d799196a7d6ccf445f6e55520d2a

  • SHA1

    9e6bf0a2438d379feb6950ffeb051a07c2f9d7f6

  • SHA256

    67564ad036dc7e79903ed87769304f9aaed54c8742d301e43fbe59cab5c11531

  • SHA512

    510877ae1cd8e9e267e32e39c0394a45bfbbf111fb1f1331c55faa2c87d0017490898d874870b77b7454e8d53279e163285c25751544fe6d35f91ac1bfea9163

  • SSDEEP

    768:YXuMZmwgCLWar57E5HpxKLNqHiTdi5tyNR1TmHBWjdQVQYsXXuVZFD7gzC2G:YXFZmGWS+jKLNqHiTdi5tyNR1TmoQVEs

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\48e4d799196a7d6ccf445f6e55520d2a_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2248

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    952da36eb82c6b3570165c2aa98cbb5a

    SHA1

    ba32414200b9ff4ef25bac2d689604e71fc3b152

    SHA256

    22f3bc593b2344a4371e8f5d6f9b59791457ad62d74836448283b0e7ccbaafb6

    SHA512

    f620c99b364e975af443ea134d9856f2e5ead105725fbf323428eeb93d23c0cb167e33be830d9edd01958c1c081b238bf15e60b62fa12408faa0d80b5222bc2f