Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    22-05-2024 01:35

General

  • Target

    658aeb3dbe216a3b1b86f0412c04e5e6_JaffaCakes118.pdf

  • Size

    50KB

  • MD5

    658aeb3dbe216a3b1b86f0412c04e5e6

  • SHA1

    e9d365db341b8b7c8fe6b4f0500bdd75ecde7ba9

  • SHA256

    cfb8a7e140fb91520edd76aacd3205b5eddfbdf7a49486f9273ded21d9db6b35

  • SHA512

    b2d929fad3bf3c9f4f337fbf0ff3fd6b1a2336bc0b49d52c2ccd089992b92c39405375762640f0d678f8faa782bf0e2e1214790880e8b8eae712cd2137715b64

  • SSDEEP

    768:6gGzpDapU5nOOmNYDTpy9DGUxR46g8fyLKL9l5rbPhRfqLsyxU3WXeHmeCXdfn/f:nGFOpDrtfyLKdOxfXeHmFXxnKAnlRvyA

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\658aeb3dbe216a3b1b86f0412c04e5e6_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1796

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    c25262e96e2eadbd784008388c093f62

    SHA1

    3ba45dfe200a72a73ddc2e5f86b65be58692d001

    SHA256

    0cb8ce411af25599e1a12e2d54262341182188fd5d5eb8055906432744af6028

    SHA512

    68b72754a847ce4f787ed24eb1b9b39080f7525b01d079e35f993355e84adb3976139dfb31f47fa4d48513d443cf7479b753c968c996076413ddd3b3e3b71e05