Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
08-04-2024 10:51
Behavioral task
behavioral1
Sample
e74afb220527cad83784065aa3d2ba17_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e74afb220527cad83784065aa3d2ba17_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
e74afb220527cad83784065aa3d2ba17_JaffaCakes118.pdf
-
Size
73KB
-
MD5
e74afb220527cad83784065aa3d2ba17
-
SHA1
83c99510eacd7dd96418c0951968984a69db7d7f
-
SHA256
db4dd03b7bd4e7a49774bba66dd1dd63bcb65fa97ea6c9a42a8cd39aa4b74b46
-
SHA512
4c77d50b80a3eac5c8195f21f5e4888cf580e334129606f3a143cae56184b628dcb1560fc5dd00111f1b962547f182f7676750df1bc24e20fa6f77f70cedcdf6
-
SSDEEP
1536:7EmOBCDjToI50E/XqwGQ4YCmm5BF7Wnk70tyQjpSoVj0W8pO+Xa7:hbMIOQtCB5BMkA0QjpSqP+C
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1964 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1964 AcroRd32.exe 1964 AcroRd32.exe 1964 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e74afb220527cad83784065aa3d2ba17_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1964
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 f8a85b9c65a4c6eb9f5ab7410c2864db
SHA1 3c19790c421fbedf585074f1b664d7c0ed4ae21c
SHA256 dbd108452b0de74c247c016364c4abdc0055b2de8eb4a5b4932b66c02dc2bc08
SHA512 cd9407023c2a81afe5c81a339e3d29814de19fcbd39928119656969f151f2f25291a0b81026e957be23f38bf0b783c59f7547473904486cff9b73649b960e3e0