Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
04/04/2024, 19:42
Behavioral task
behavioral1
Sample
c10d076b996cb5117b23bdc77d8563fa_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c10d076b996cb5117b23bdc77d8563fa_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
c10d076b996cb5117b23bdc77d8563fa_JaffaCakes118.pdf
-
Size
35KB
-
MD5
c10d076b996cb5117b23bdc77d8563fa
-
SHA1
c724abec5a0053e0785008f2dc466b0a3dddda0c
-
SHA256
137afd6b982caf2768fe0181a7737e5c0be4a5f33c29835d92454cc587609871
-
SHA512
29695a693f88d5f1d870e1142cc8e75726b06d2cf599037a3789903679b9dc0bdef220ac492c464ea02203ea0488b826e4c2a3cc13c85724a77558c2023906fb
-
SSDEEP
768:EZBOR+4G50KJvOUnYrA3gANP5Ng/EVkzKIT3un:EHOI4c0K1YcgAN/2E6d3un
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid   Process
2188  AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid   Process
2188  AcroRd32.exe
2188  AcroRd32.exe
2188  AcroRd32.exe
2188  AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c10d076b996cb5117b23bdc77d8563fa_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2188
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 ddbfbbbab87f7f0fe75be8b14d49c422
SHA1 a8aace32e5275899e74ac824f5354a07404c1c8c
SHA256 4c5f370f8245abc75cf8da6450ef1d739ad24a0cf2d840c884bc4d6062a58cab
SHA512 359c4ffb8a3d39e808e210264fbaad9e5ab56188a07d85d94312e418f58333cfb0d0ccf3e196f19d273d87aafd544e005c6c9b83fe71b090a9c1dbecc3dd0505