Malware Analysis Report

2025-01-18 22:48

Sample ID 240615-dvnj7axend
Target acb936ebc421b2cdaeb5d63295ee2744_JaffaCakes118
SHA256 323096ab9c664621944283fb6fd5e5f0d37f3124e5d2c08b089ff67236fcf5c8
Tags pdf link
Score 3/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
3/10

SHA256

323096ab9c664621944283fb6fd5e5f0d37f3124e5d2c08b089ff67236fcf5c8

Threat Level: Likely benign

The file acb936ebc421b2cdaeb5d63295ee2744_JaffaCakes118 was found to be: Likely benign.

Malicious Activity Summary

pdf link

One or more HTTP URLs in PDF identified

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-15 03:19

Signatures

One or more HTTP URLs in PDF identified

pdf link

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-15 03:19

Reported

2024-06-15 03:22

Platform

win7-20240611-en

Max time kernel

117s

Max time network

122s

Command Line

"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\acb936ebc421b2cdaeb5d63295ee2744_JaffaCakes118.pdf"

Signatures

Suspicious behavior: GetForegroundWindowSpam

Description N/A
Indicator N/A
Process C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Target N/A

Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe

"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\acb936ebc421b2cdaeb5d63295ee2744_JaffaCakes118.pdf"

Network

N/A

Files

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

MD5 1efa84d78b4fa55de53cd761a9e6b2cd
SHA1 f29b2cad5dd183f77cfe1c025b3c12180d20ac0d
SHA256 dbe4b1730ff81aedee97d3974010cffeefe6d042d1ad8209b71b73550df609ab
SHA512 7ef59b5e72f08ec8141a702b89c9056747d1b6e81cdc15028cb1b674167e2868231c50c0ac64d345ce6008991aa1d75cf5ff00429112373cd6a95d02b876d8db

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-15 03:19

Reported

2024-06-15 03:20

Platform

win10v2004-20240611-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A