Analysis
-
max time kernel
117s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
15/04/2024, 17:07
Behavioral task
behavioral1
Sample
f18e6a4135b7d04f22f201c4b17163ce_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f18e6a4135b7d04f22f201c4b17163ce_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
f18e6a4135b7d04f22f201c4b17163ce_JaffaCakes118.pdf
-
Size
35KB
-
MD5
f18e6a4135b7d04f22f201c4b17163ce
-
SHA1
cb3a9d253f9abe1bef7e64e6c8e02a81c9571b8b
-
SHA256
94b598baaa020216c1e45ce78f9269c1205424b678028ea6ce837cb60cb2cd50
-
SHA512
e01756ce6bae593473de813adffc1328ebdb5dc64134c01fc6fbe8dda6f0943487897fc231a9b4effcc6b805e3e1fdd2156c05ae24b56690510bcdfe36d71186
-
SSDEEP
384:VtOtk1vCUClIsis+YvSOHZPo8leOTk+orgPCUSoGSaTfSnyG6cgah9XPRTh9CUS0:VQtC3ClIsuGPpldoimSSaV6NahRPhnP
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1656 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 1656 AcroRd32.exe 1656 AcroRd32.exe 1656 AcroRd32.exe 1656 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f18e6a4135b7d04f22f201c4b17163ce_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1656
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 952f7c930b6db888d0c98988669e2456
SHA1 80ba8ce07b9b532d08f98eef2853e5a4f79cd421
SHA256 442b593ce77891e8205e6600287935f9737e33e53e5c6ed5ad919fd3affdfd20
SHA512 2dbe5387ed18ecba648e0ac9d53c52f584a2e4de37b3581e313e06d08e2ab837bdb94a70a60bd3e94339c5eff0cf44246775f7e745cfde4e9ee6434ffb08d8d2