Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system -
submitted
28-03-2024 08:12
Behavioral task
behavioral1
Sample
012034c6d1fa5a544f1fab649c551da8_JaffaCakes118.pdf
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
012034c6d1fa5a544f1fab649c551da8_JaffaCakes118.pdf
Resource
win10v2004-20231215-en
General
-
Target
012034c6d1fa5a544f1fab649c551da8_JaffaCakes118.pdf
-
Size
85KB
-
MD5
012034c6d1fa5a544f1fab649c551da8
-
SHA1
01d5e4d1a5159b2e7ad82a555b14985ee0381870
-
SHA256
672c1b92f905ad0bb047711b5effb707e419841560bf6ee8d1aea83c0afa6414
-
SHA512
bbd58c95f339230bcc93cf7d97c445ea792373ff3a552e0c49048c3e1d21fcfa6f1616a1e0f0b6f073eb036cb1f10a7f7c2bce4b0a2792f2b9f6a5ecd573e5e6
-
SSDEEP
1536:m7SokwsgajYFwjSrl7chpgi3kU31NoWYpO2xq9/DWCbzcvA:RoX7ajYFwqchv3H/24/XX
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1656 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1656 AcroRd32.exe 1656 AcroRd32.exe 1656 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\012034c6d1fa5a544f1fab649c551da8_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1656
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
5e34e93038e32f51b544fcd17eaaf02f
SHA1
d42ce7f3ce1b53a53314305d502294898c311854
SHA256
c6811a54824dd246796d4e319751ca483926cb2acf0846663b96bce1068a899f
SHA512
1d5d820bfc39d16259f02f6ecfdd829c266459102ebaa6c64fbcf03e5b21ff294fcb0e26daee260f467541be46db823dd69dea19a11f00cb49363eb5ea5e725a