Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    23/05/2024, 11:14

General

  • Target

    6ac1b08900715d6a6f73ccfacea3471d_JaffaCakes118.pdf

  • Size

    185KB

  • MD5

    6ac1b08900715d6a6f73ccfacea3471d

  • SHA1

    ada30b81fda226d4d8aa82c6618e70e4d0efafd4

  • SHA256

    fa736d74644a17d7c8e976b4d46de3bfb9c57763c3498a7004f4e2a42baf74a5

  • SHA512

    1edcbeac70677239b3e3c0fd113377124becbe3fe970545d822669162add4455ac4881ac21fab64bb431ac0398ce3f38239c6aae201178cecb9a02543081da71

  • SSDEEP

    3072:K2irbxzGAFYDMxud7fKg3dXVmbOn5uK6KjnH0/nVS+cLJ9VuHH3PsSk:K2MKlWQ7Sg3d4bOnUTa9Vu3c

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6ac1b08900715d6a6f73ccfacea3471d_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2324

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    33501ecf457a07d0b54282d8dc8cde1b

    SHA1

    9ded0e1af7d60574d7d56101caa872d701d1842c

    SHA256

    9ef6d9c0d0fa7bcab1153f941f1714f1e5fa83edb64cb030f6d0345a5b4cc0b2

    SHA512

    9324ebdbbf8d3605877d3d3de2335c287cf16cee03b09a06c41408d0f83ff6c3edfa2f66a2a30e0c4cd9f0fd8d347bfcb67a3d5430e23e9c367b6a4747d5e0f0