Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    14/06/2024, 14:42

General

  • Target

    aa3b7dcb79b1fa3bbfb92c4c444cc698_JaffaCakes118.pdf

  • Size

    45KB

  • MD5

    aa3b7dcb79b1fa3bbfb92c4c444cc698

  • SHA1

    88e1390275386e9c5af3a634845797d9618c61f0

  • SHA256

    3da27c53281fcf8a2f61a3b17db136045f9b3dca1090be47351120d81df39572

  • SHA512

    c7700f6efb0a9c29955ff11e27db98ed18249e44773ffa9421b539b19e38fbc70948f383b21c4e9fbc75f0f302cc7f56e17f8952beaf7cde3bf8675b3134d985

  • SSDEEP

    768:YgGzpDPOwvMVXYI+7rHe8WkcDn/9uTD47Xv661MN+LXdvEDYA8LQiofnnIdGUrmp:1GFr2Dnlu2S8g+LX2YA8LHofnIt6o7Wj

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\aa3b7dcb79b1fa3bbfb92c4c444cc698_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2792

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    29e855d0b9c1f068c0dea73d34d32a2d

    SHA1

    5513d285d629107b90b23e1561ce7519dc319cda

    SHA256

    364a8545adfcebfdb3836076955b869e0d99243e6b03257279ac1b6ba0ccb1ab

    SHA512

    385a70aaea5eb341d86f21a3d79a739830a257cc862c77466516022d950996e95acb91db8a72120c621eee196fbf91cd12e663f5d35ed88d4a210b5ef62ffc86