Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
20/04/2024, 23:19
Behavioral task
behavioral1
Sample
fde1fed48e25a18cc70b1d065f2a057a_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fde1fed48e25a18cc70b1d065f2a057a_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
fde1fed48e25a18cc70b1d065f2a057a_JaffaCakes118.pdf
-
Size
78KB
-
MD5
fde1fed48e25a18cc70b1d065f2a057a
-
SHA1
d138e5f1a9cce66ae61f9975c2d9f011dca45244
-
SHA256
18051c409a7fadc7e73d5107dec938c346674d0182b8c6821e9c8d1ed725b202
-
SHA512
2d7088854cc1cbce24cad4fd934bff1239fd30b59daa69c8bc7141143361ffe24b09a57e836e588e1678fe969c1f80e1aa4dab65b89012e6740c9c075c7933a1
-
SSDEEP
1536:SMR6WzH8RS8OyKjJtlDUYjeGtaRrFdul0BPmoabYl43pFTRSB35:fBj809rjeOa7Tabk43pFTRSn
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2436 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2436 AcroRd32.exe
2436 AcroRd32.exe
2436 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fde1fed48e25a18cc70b1d065f2a057a_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2436
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 24a84575482bc92774e3f8f3f5c67306
SHA1 f3c6e5a36332ca8980d92e678b85b87373f1e46e
SHA256 4482a4910779b203ca99f6051417ce761e4cd74f888e3db82c9c4cfd394d4911
SHA512 354deda39ce44918589025a17cd1c1b0e5b3bd61a7be46a58e8bd380a546bb1113b3b32ae142ae29371264c223df1fe17b498c4b19e164aa0706e35e1fdb24df