Overview

overview

6

Static

static

6

3525e5431c...18.pdf

windows7-x64

1

3525e5431c...18.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2024, 14:40

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3525e5431c45b3120c2df7d32ed4d389_JaffaCakes118.pdf

  • Size

    50KB

  • MD5

    3525e5431c45b3120c2df7d32ed4d389

  • SHA1

    1375bcb8ae85ea1721d34e0ca4447ef2ddf2d1c8

  • SHA256

    8b5be53550cda3b297cb2f567118602fc5657f64b934bf81aaabe171f30ba36c

  • SHA512

    9220113f90514eb1e00e2a83477550e8b26004f618af958b2e9424f16d4e9c6dc4c83934700222fc67aa2067dc22cd0bbefbed35089d41179641a356a1aefcbb

  • SSDEEP

    96:fzQCD6wAJW1tLmekqfITpmO4LIhw9541s9tfnFOmRh9GlhgG7R2iVlqII/5Kmtpo:L36hW1URr44++

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3525e5431c45b3120c2df7d32ed4d389_JaffaCakes118.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 -s C:\Users\Admin\AppData\Local\Temp\wpbt0.dll
      2⤵
        PID:2700

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\wpbt0.dll
            Filesize

            9KB

            MD5

            1e9c357c9dc5a823c31225dc5569084f

            SHA1

            b518dcd8ea8178dc66809f845bf806ded9babd0b

            SHA256

            5aeb6a7793fb1d407b92fd2cabe7de0f229dc8f17fed7fb1ad3f65d9222995bc

            SHA512

            cbef1a5b773fab6c179450611904e9a84e09c44f8b50ec3ea728a86df8f1f9615a3789ac22ec851314ecfb7afdb217d37563a26cbd68c5cdb052dde4160d8a20

            Download Submit

          • memory/3040-3-0x00000000026D0000-0x00000000026D1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3040-1-0x0000000003B30000-0x0000000003BA6000-memory.dmp

            Filesize

            472KB

            Download