Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
17-04-2024 12:00
Behavioral task
behavioral1
Sample
f5b8680e0ddfdd3694afe2d88c80cfb7_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f5b8680e0ddfdd3694afe2d88c80cfb7_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
f5b8680e0ddfdd3694afe2d88c80cfb7_JaffaCakes118.pdf
-
Size
71KB
-
MD5
f5b8680e0ddfdd3694afe2d88c80cfb7
-
SHA1
59ab3460c54060116cd886cac474b1194a5123ee
-
SHA256
640e3d7412c5980596b9c223a3d473632f0a008e8e707cabf3cf374ae7cb6da6
-
SHA512
da2b7b0db1885d8e45650f9dbfdb9fecadae4e427a6f0bbe3988462c631ff484df4b672fcd78a0e85182693350ba69542290f1205295b0c9053b5db225c8b4bf
-
SSDEEP
1536:sYHaX7HxoUFdQAsMlS//tGcBvHhL0sWYpO20gJLYqWki+hodxty4:d6rHGUFdQ8A3BvHZ0j21ZYZ+gr
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 2948, Process: AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid: 2948, Process: AcroRd32.exe
pid: 2948, Process: AcroRd32.exe
pid: 2948, Process: AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f5b8680e0ddfdd3694afe2d88c80cfb7_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2948
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
694a69c29645376c79b33d140ee741a9
SHA1
058151bc03aad26f94c0d4c9aa2c923c5a5a98fa
SHA256
da6f461b8441a2bea0727742253e8a43ef2e0c3eaa6ece60d5ab44528607132b
SHA512
db3ca028c904f5b25031a61e54f5534bf815d7f4e4b7e9ab2b6435b7764073209ef628ed349a1457c03407db2b6158ef6c49611b3b5f3211494aba8b87e057c1