Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
17/04/2024, 00:04
Behavioral task
behavioral1
Sample
f49f6a5d400ef1dfff477a6bd62f7e45_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f49f6a5d400ef1dfff477a6bd62f7e45_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
f49f6a5d400ef1dfff477a6bd62f7e45_JaffaCakes118.pdf
-
Size
155KB
-
MD5
f49f6a5d400ef1dfff477a6bd62f7e45
-
SHA1
761f8366781baebcaf7c006f320b470f8fe0f030
-
SHA256
8d41135ae536a2d1b489f946026a6587422bfdd60063c21f983245fd57298083
-
SHA512
ef742229959d44a58d34c92caff3dcb4cb1b9d21f6b09a337df1ce34b8e21d7f3ee4e96799ed0003365e9c5ff2f9002df19426e2da58f0227c71c4fbd46a53eb
-
SSDEEP
3072:i4RP9CO+MIp2g3FZErYFKeX7DiSJmJTyAqxGPFkKnWvHXtQO3xe6zCws:3P9COVIvZgeXntITyA8GPWVvH33cT
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2412 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2412 AcroRd32.exe 2412 AcroRd32.exe 2412 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f49f6a5d400ef1dfff477a6bd62f7e45_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2412
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
570d8323690d5779717c3f2fda87a1b9
SHA1
5a1a92ebb2c2b832a49d43aeba45d2e21e6497c6
SHA256
6aa19b99e4e3d6dedd392334cd9fe7a507525a39a3c4753b099d11c345053d07
SHA512
808618f09c5158d6ecec68dfbf055ca572fb052f2b51bc4ae09cd19ef0432c79ff2bc78121156386f2690852aa1e039ad317db4db3bb0a10904b7b2c3d5355c7