Analysis Overview
SHA256: 323096ab9c664621944283fb6fd5e5f0d37f3124e5d2c08b089ff67236fcf5c8
Threat Level: Likely benign
The file acb936ebc421b2cdaeb5d63295ee2744_JaffaCakes118 was found to be: Likely benign.
Malicious Activity Summary
One or more HTTP URLs in PDF identified
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported: 2024-06-15 03:19
Signatures
One or more HTTP URLs in PDF identified
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-15 03:19
Reported: 2024-06-15 03:22
Platform: win7-20240611-en
Max time kernel: 117s
Max time network: 122s
Command Line
Signatures
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe | N/A |
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\acb936ebc421b2cdaeb5d63295ee2744_JaffaCakes118.pdf"
Network
Files
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
| MD5 | 1efa84d78b4fa55de53cd761a9e6b2cd |
| SHA1 | f29b2cad5dd183f77cfe1c025b3c12180d20ac0d |
| SHA256 | dbe4b1730ff81aedee97d3974010cffeefe6d042d1ad8209b71b73550df609ab |
| SHA512 | 7ef59b5e72f08ec8141a702b89c9056747d1b6e81cdc15028cb1b674167e2868231c50c0ac64d345ce6008991aa1d75cf5ff00429112373cd6a95d02b876d8db |
Analysis: behavioral2
Detonation Overview
Submitted: 2024-06-15 03:19
Reported: 2024-06-15 03:20
Platform: win10v2004-20240611-en