Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
05/04/2024, 00:56
Behavioral task
behavioral1
Sample
c673592ddbc608f875a5dfd555d4ebf5_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
c673592ddbc608f875a5dfd555d4ebf5_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
c673592ddbc608f875a5dfd555d4ebf5_JaffaCakes118.pdf
-
Size
89KB
-
MD5
c673592ddbc608f875a5dfd555d4ebf5
-
SHA1
53e26f2b1535cc989b01154f08a65fbba5fbf0b3
-
SHA256
86fc9228784c6ceb4e6ea1c82e4a0f622fbb5f66eb5ff8c2003934b7500fce81
-
SHA512
b0b564515b7bc0bcbce67d885694b46ac8e6ec85f021708e2faf28ca8e7dbb409ea9fb0bc56aee01c318fabd72d0421520ef829e1f3146123e7e3f8def6b3dee
-
SSDEEP
1536:1AzpaNrXBNUHSgsD5kEp6w5MGxhCoI8L8xzbHwthTOrwi5WWxApOGzWKo7PynGk6:OzpaNrXBJgkkEpHxY18L8C2rV5D3Gd6L
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
3000 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
3000 AcroRd32.exe
3000 AcroRd32.exe
3000 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c673592ddbc608f875a5dfd555d4ebf5_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3000
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 5f8a2dbf7e8448c68b765114f811dbd8
SHA1 d2b1dfeed111c062f86e71014eccad4853e4ac59
SHA256 afe11186436658f9f2aec60ab55277fe7d90514591e57727b2c7a56765e9bae8
SHA512 c99e77bb644f8e4dd116ffefc82f054eb505c6ff3994ffadc4cb41322a2c1bfe368b24bf4ddcc236213c3fdea8198b391badf95562b18dbc32a301206af986f1