Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
05/04/2024, 05:27
Behavioral task
behavioral1
Sample
cc152bd978a88b5d8fce824ce89b0a7f_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
cc152bd978a88b5d8fce824ce89b0a7f_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
cc152bd978a88b5d8fce824ce89b0a7f_JaffaCakes118.pdf
-
Size
73KB
-
MD5
cc152bd978a88b5d8fce824ce89b0a7f
-
SHA1
b83a82266fd645ade186e36ce6b8435ce75f3f5e
-
SHA256
e57da090fbcaab64be3a158199f1d8623260fac9a859114548a6d23bd52ea394
-
SHA512
725ddaf0471a5ceef34ac84a4e34219e957ab8cd3c78a2bf316effbb68de0955b8126ed2bc7a48be1bd98f44479ec34f63640f37e7ed6961e98902e79016d258
-
SSDEEP
1536:w4hWyICtxb8Yd7t2DAeCEDwzH/qdI+yRWvIJqiWGeIWUpO7WrS:zkyI2d8c2hh0zH/0y4IJrer7r
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1536 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1536 AcroRd32.exe 1536 AcroRd32.exe 1536 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\cc152bd978a88b5d8fce824ce89b0a7f_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1536
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5bfc5cb9a01c42d031b983f236e616d99
SHA13af6c0c1926887449ba446b9fc70e470264a98bd
SHA2560fde3ff60032211d553fe676f9d308e623d015289790ee133fd5f013d4e2dd57
SHA5123d93a68f1828cc8e5fc0df063720fd555f78008ad423e276650fcabc0c15a8fe46e58e4420c45778232d57cbd82027d43257f263002b8a118da9b5b34d4e939f