Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
29/03/2024, 15:07
Behavioral task
behavioral1
Sample
253a222334846a1004e8b1ffbb33fce1_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
253a222334846a1004e8b1ffbb33fce1_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
253a222334846a1004e8b1ffbb33fce1_JaffaCakes118.pdf
-
Size
58KB
-
MD5
253a222334846a1004e8b1ffbb33fce1
-
SHA1
d96931317c08f4e1aeb9d665982aca50448e6384
-
SHA256
319907555540336e24f6477c8c109cc9f77d4e17d98706829e9264ad9c8660f3
-
SHA512
936ed3e5dfb2440f5022e36f6053db6a4afb3f2ac9dd48109d6582ed9d29b7ecef5d1df5649895f6cb1b41e4d93365ba783cda945895798cf93215b8f140213a
-
SSDEEP
1536:6bhE9v3izvY/XYZ8lhyM+6f45OszWrYWP0jK:0m/izQQevyv6f488jK
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2164 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2164 AcroRd32.exe 2164 AcroRd32.exe 2164 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\253a222334846a1004e8b1ffbb33fce1_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2164
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 3eca7a49edfa498af84e8b48d46d929d
SHA1 d90d85436a53f3959d787d5c338e06c043ecc81d
SHA256 79765ca0e85fd0dfc8f5e234d0848a7d96cc7a7ca320a0387b322cfd89f8f4af
SHA512 d1126bfbbb43f6db09a210b167bebc45b4e7e8b22ad51f689dcb82c0ba80e5107dab7ae00a901da277c356b5b714400eafba055c24f9cd5c70e4a72c1f520a98