Overview

overview

3

Static

static

3

a644cc81ad...18.pdf

windows7-x64

1

a644cc81ad...18.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    13/06/2024, 15:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a644cc81ad21545d67944720c7ce5146_JaffaCakes118.pdf

  • Size

    42KB

  • MD5

    a644cc81ad21545d67944720c7ce5146

  • SHA1

    5f41eb5733e48fab7f65a64232288d4e5302f7ca

  • SHA256

    68679cd8a953cb2474530afab7340c1092095800eea478d67aeb25cd15070333

  • SHA512

    2e6b7ac05dccbf57e815a01db9dc59d8d672e21ee0eb270e582bf64dfcee5da2ae17b64a0d707d0b93c79cb0ae694a8f77a82ac2fb9912ea74ddcd800f2d7d35

  • SSDEEP

    768:Xh+3CrLyiW1Qos5VZ9LZWB7d3GrmA1dP6VtGDmcuTDQxaCFP2PJKbb1H/BLJZXnc:QCE1hsFjq7d3Gr91dP6VtGDmcuTDQxan

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a644cc81ad21545d67944720c7ce5146_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    bb311226160666def17ec776ed31e039

    SHA1

    aa6561501cbb34303044cb0deacdbdf94de349df

    SHA256

    6e769d49ccd92910000095135c0aea983d23dffe313bd629340c21a745ff24f9

    SHA512

    09ceb55650c1a03ac03c2972d26a18e8388bd8e13ebeb6a78dcd2894dfb1bfd83f01712c5c3863ea1c1cece07933edfa3d45649b268b5b543cb3f7fac221f24f

    Download Submit