Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system -
submitted
26-04-2024 09:24
Behavioral task
behavioral1
Sample
0077758cba273ddb6efd3e937c1dd29d_JaffaCakes118.pdf
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
0077758cba273ddb6efd3e937c1dd29d_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
0077758cba273ddb6efd3e937c1dd29d_JaffaCakes118.pdf
-
Size
38KB
-
MD5
0077758cba273ddb6efd3e937c1dd29d
-
SHA1
a8d874adfac6f1cc9ab922617061ef05755e7a9b
-
SHA256
d57ed5feed1bd5248ca3e72e1e6102cd922d5d79decc0a9b9738e7204233700d
-
SHA512
53af2f5229bc3628190a270bc7132483dfdc77e9e29e2d5de4455a071f5e5d54b4d80c7bb730ae76a2a227315ac309992e5b5619853990d9ebc65d7bc4613f22
-
SSDEEP
768:Vz4zDQlH9xz5FoZ9ILoo2JmADdr+7s91e5YBumH457Qw733oeOu/speOkc4RT7Qf:FlH9Lyl4Ya/CJ
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 1888 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 1888 AcroRd32.exe 1888 AcroRd32.exe 1888 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0077758cba273ddb6efd3e937c1dd29d_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1888
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5dd1211773e0b8007bd042e78ccb446ba
SHA12650e80b1aadda48938643ccb2b2b7124360b438
SHA256e969900a8ec6332085336e38ade83a6f361c28bdc015d4eb031552e505af4bf8
SHA5129a02ad26129de98dfc5738caf08216e3eb80fdf921fd45b6e3f0b59a2bcdb520c4bdb5e18bff65caba08ebe2dc2cbc0c1128b69e06fcd88d3625b80e774ef444