Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system -
submitted
16/05/2024, 17:55
Behavioral task
behavioral1
Sample
4c56d16c822a7820249ddde816512628_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
4c56d16c822a7820249ddde816512628_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
4c56d16c822a7820249ddde816512628_JaffaCakes118.pdf
-
Size
32KB
-
MD5
4c56d16c822a7820249ddde816512628
-
SHA1
2565d91759d64875c5015a469738be908fcb2a1e
-
SHA256
677bb60a9dfcd5548af93ee2b90d4ae2d9cdb3ed7f2ec6f9ffd454934341545a
-
SHA512
e5e872687160a19e23d48d93a8fdb5738a875698452b767b25f22f53072e85df617ace874f70d6f6666bde9e456f602f176ae2c2964fe4f6d7f233ae6bebb48f
-
SSDEEP
768:4gGzpDBpSZDzJCZooJsGWh+7sOsYP5L6Ddk0PZwi1:VGFVpSSsexL6zZwi1
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2080 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2080 AcroRd32.exe 2080 AcroRd32.exe 2080 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4c56d16c822a7820249ddde816512628_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2080
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 e991acd1a9351131b5f86c952ca000e5
SHA1 ffda3a9f330118fc416fb814a2d0a1d44d789596
SHA256 6389f8bb33a6b2139023a9a11b43d478bc29976098f9fd515b5a6bfd256194ad
SHA512 ced7eff0afa684c20e3138dce2d8eeff3df88123ac19713ebc976b4e437ec7b20238b9e3fdae41929c03bac7eeef36d55c0f9d08cc0f9eba2a671833a67db419