Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
16-04-2024 01:23
Behavioral task
behavioral1
Sample
f25d40c0db7423e265f8081f2da50e7d_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f25d40c0db7423e265f8081f2da50e7d_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
f25d40c0db7423e265f8081f2da50e7d_JaffaCakes118.pdf
-
Size
103KB
-
MD5
f25d40c0db7423e265f8081f2da50e7d
-
SHA1
1db37d7be3d2339d9ef2e3f0bc25ce13fe5cae33
-
SHA256
ef6c6dccf5635043c66efd76a971dd2aa89595ea10d03ddc5e0e647073231031
-
SHA512
a1124ea2e4e502137d17df73fcb83b03af5e760d6f94f83da6ffce5c73dcfd2060da6dc6d847761a9aad8674ee0f7772e0f4437687876d317a89459d15d4fe37
-
SSDEEP
1536:k8NJ58A0ivl8OG7Sa+ZwSuJLtTs8RsMkv3aTocpV+0apbM5WyDGzAanpWOpOwr7Z:ZrhN8Oy+ZwS4hXRsMsmocXbAdmwr7jd
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 744 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 744 AcroRd32.exe 744 AcroRd32.exe 744 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f25d40c0db7423e265f8081f2da50e7d_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:744
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5fd459b00918b894ecbcd71eb28e820b3
SHA189c2bd201bcbd4dc96aa3db8f28dbcc66b6979c3
SHA2560964d12fae9c7c8c9946f12da55db41b2d3d138b16976c987f61b050e917bb46
SHA5127eab3f3b441bd711f6b835018cd9d36a6fd6e7c387869b667aa5d5f33aafeaef65cc4190b687cd7665d81c7edaeeea88abc12f8f57122b06e6219a8343163f5b