Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system
  • submitted
    20/05/2024, 12:25

General

  • Target

    5f10035788a6199f36d9df73c4e815a3_JaffaCakes118.pdf

  • Size

    41KB

  • MD5

    5f10035788a6199f36d9df73c4e815a3

  • SHA1

    525cdcef55307f56a88daa55ccf2b6f9db66683a

  • SHA256

    463ecdb717252635ab974295e18e93ff618f4591926f95b8e457875404d164d1

  • SHA512

    3d4389a6f76fedd5411b29476dfe2a97a3dfe85198cecad882ba0c0b792048ec038ffd84b96b108c43639ded080f7e71405fc82e4e584a3f286078c9e0f0fbea

  • SSDEEP

    768:yrrTr4INn8+vFM2keJzby/Lt557GhUXVE6lJMPXxE5tXuMZmwgCLWar4jA:yHTr4IN8+vFM21Jzby/LtzGhUF1Q/SXn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5f10035788a6199f36d9df73c4e815a3_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2176

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    29e2bcf6c9deb2ae8d4599ee349711ae

    SHA1

    20d42c0d0f9b79666b63d34428b876591df27931

    SHA256

    31d365acb1e015c44f08a46be78978131f7ff85705c16b496c708ae7fd128658

    SHA512

    50257caae3dffe85cb39456509b97f6fad1ef1c9b7b9d957a1efc69003fe2e0f08dc3f7dbb31214876b3bb9923ee1b3d0413e86f170637b500a254388185233e