Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
19-04-2024 23:13
Behavioral task
behavioral1
Sample
fb61b4e9fc6d4b4a06e75e6a197d3b68_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fb61b4e9fc6d4b4a06e75e6a197d3b68_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
fb61b4e9fc6d4b4a06e75e6a197d3b68_JaffaCakes118.pdf
-
Size
85KB
-
MD5
fb61b4e9fc6d4b4a06e75e6a197d3b68
-
SHA1
d4f81c89c0667b2030094851956fe97cd5cdb27d
-
SHA256
54bd5536e64c6451c49db2651f5f5a830adb7449a8ef27aea7668d497c6cb55d
-
SHA512
d2b56ecafbdb7e8b9fc70ce88533023911b05bdae7470d1c99f1de547ec7f8964e53da09e2e04259548c1b0996174f833fb8be07e35ecf4801f2cffdcd33549c
-
SSDEEP
1536:cvRa1mkzDjXkxif/Y2sCjtMtxRxdXiiD1SttglSsGWXo9K5UbuBd87QeWQpOCLei:ga1moj/9sgit/xhii5StsSsVUqjgQRCv
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
1912 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
1912 AcroRd32.exe
1912 AcroRd32.exe
1912 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fb61b4e9fc6d4b4a06e75e6a197d3b68_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1912
Downloads
-
Filesize
3KB
MD5
e85541677384aa856054017f2d835b1f
SHA1
9713bb34df751e4b6933e907c13fe8c13b4a8ef4
SHA256
f4b73845567d8ce623ba27630d19eaba58f1a2758257418239c949460dbde808
SHA512
acf2e07f7ad9aca29033bb076655bccde05a6da4aec5b6d866956a620bd9f22817425998a9150cf22cd6b17a21414a8d35613a24716f701e1aa482af4849df9a