Analysis
- max time kernel: 117s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 26-04-2024 06:55
Behavioral task
behavioral1
Sample
003aa16db35fa2f9e36deb52bb3a0d59_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
003aa16db35fa2f9e36deb52bb3a0d59_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
- Target: 003aa16db35fa2f9e36deb52bb3a0d59_JaffaCakes118.pdf
- Size: 54KB
- MD5: 003aa16db35fa2f9e36deb52bb3a0d59
- SHA1: ee5525150959af0b9bac28327353ecdae4ba0586
- SHA256: 45a159f9eba11aede34028726b6900841006ac70441f924a30c34a547c3df08b
- SHA512: dd118a3994c7d8f80c4f7bdf6efa54316e3bebe3cc8112aad53edf0967b83937cc91eb70796791332ab6e10824277f89c58cd83da79c1f0a44c0f2b4068224e3
- SSDEEP: 1536:vcFspj5vMgOsEZ2ODG78wtvBbZGn+46VOIecTWCsn+YaSt+jx9jy78ujmrkhk84b:vcOFJF/4dS5JFg+bQnaNKLhEtx+8QerH
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: pid 1652, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: pid 1652, process AcroRd32.exe (3 entries)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\003aa16db35fa2f9e36deb52bb3a0d59_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1652
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize: 3KB
MD5: bcde550424dc1adf2aec2803a8afd909
SHA1: 85bd452053fd77c83e953855a6a6ed80d8e99c3f
SHA256: 35a588861c79aa6d2f94a0df4428be6c9a253c9cf3fb8622e241182b60ea77fa
SHA512: 93fd5fbd82f8861028ae703e199b4cc343467ee22329eb54005f8e2195c626eb0b061f126b9345a985d87ed291d31568798150cdbb0e69d393084bab4c928042