Analysis

  • max time kernel
    122s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    27/05/2024, 16:44

General

  • Target

    79c952506af9caa5d218ec0c4ba656b5_JaffaCakes118.pdf

  • Size

    36KB

  • MD5

    79c952506af9caa5d218ec0c4ba656b5

  • SHA1

    cbbcc945194975165f36da32603f239c925d6453

  • SHA256

    772f04ca54d0b9029b4daeb997f360f870f8211c8cc9fa242fb5867203fe957f

  • SHA512

    9fbce1d1a761dfabf4e063e187c3db908a0f19d1a55375f0cd7a61cfb6e0b1b418c2279787fa146d65b9353e932aeccf94b087e7706f47c585fb2d99be272d56

  • SSDEEP

    768:G97RXVXdgD+Gqiq17PiVcGtmUuxDQ4aHFO208J4H9gUCec4AJySE5fXuMZmwgCL5:G9tY+1iq17PiVcGtmUuxDQ4aHFO20jHX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\79c952506af9caa5d218ec0c4ba656b5_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2184

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    ab9e2075909a61a0b2d6961948ae51df

    SHA1

    716f12d76eb5ba9bd48f741fa8283759f3a5283b

    SHA256

    c900ff4690914361394ddbee7b015f4551e29f2cb8cda91062801f9245e8a50f

    SHA512

    65aa0930163c2da32fbe289e97780ad03599948fb4cec41e07e532ff4ed798220653ac56143fa04bdfd890c43271bdda7f8ba55fb11dc9368d16554326ec7912