Analysis
-
max time kernel
117s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
21-05-2024 19:20
Behavioral task
behavioral1
Sample
64773fceff943548c1e6e98dba7ec553_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
64773fceff943548c1e6e98dba7ec553_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
64773fceff943548c1e6e98dba7ec553_JaffaCakes118.pdf
-
Size
45KB
-
MD5
64773fceff943548c1e6e98dba7ec553
-
SHA1
f774246c9a488055b3a820e891a66376db49ed9b
-
SHA256
2a4b2be98510299815f66e61fe9e4bc0d2d4a3580e29decb70b29f42c8c54385
-
SHA512
48dfc4f1c479a651c1c8e351e17493f14770997658d1922d183a5d661a9d364a6ec155cbf5bef85d57b6bb38d27e88429560e07962600f2da3f7f87d0224ac89
-
SSDEEP
768:UgGzpDleTwIFXUbUeDK9+oATSDPi63Fjpb1W+aCpVcHzxdk9vi5yIiob:hGFBeT0wAT0i61jpZW+JpmTiviLiob
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
3024 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
3024 AcroRd32.exe
3024 AcroRd32.exe
3024 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\64773fceff943548c1e6e98dba7ec553_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3024
Downloads
-
Filesize
3KB
MD5
82341b98162949c3aa23991243dcb674
SHA1
838be03dfe033e7f9c15e81557e4312f3a256bfd
SHA256
0470a8a4b4095d65e3349fbfdfaf8b2cfb61e0dfe058d0d3ba64570daa24c6d0
SHA512
57a56135b61417f3eeedf98ff125fe8e5eaf892b6d92fe944c72306bad92f7bc705f7d4d8fcfe303aaa60cd9359a05256e39ff169e9d05bf665a5c1f5aed33bd