Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
22-05-2024 23:17
Behavioral task
behavioral1
Sample
68f91e4f45e7b9a8fbf2ad35785667a8_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
68f91e4f45e7b9a8fbf2ad35785667a8_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
68f91e4f45e7b9a8fbf2ad35785667a8_JaffaCakes118.pdf
-
Size
38KB
-
MD5
68f91e4f45e7b9a8fbf2ad35785667a8
-
SHA1
99a7d34716a6fed5c45f6474b6328613f6c40a73
-
SHA256
1adc6bfd290fbc408719731aff4323a279346f10c4ef49e01c3f92af7d8e763d
-
SHA512
15a4d7cff8101d14dfdc2c9491f137acb5cc0a6f383957be16e60298b2a6ed82775049c0a8baa67c9d0fc1bda6738ffc25799552a5f11b265a37851b1d3c532b
-
SSDEEP
768:v8IbJ04LeNC2PYVXGxmCucC1pnVZTaesL9E5vXuMZmwgCLWarmdl:vBbJ0YeNBPYVXGxmCuZ332VL8XFZmGWl
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
3024 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
3024 AcroRd32.exe
3024 AcroRd32.exe
3024 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\68f91e4f45e7b9a8fbf2ad35785667a8_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3024
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 de62e9a17b373ae17b17cd7db86adaec
SHA1 673b9975f3ccc7dde1fc6368f2ada66597f7ecb7
SHA256 6751b05557e1b0e219385d6fdbbb849540b11db5ae6bfb935fc113978977c385
SHA512 e0e5c4499a107520575269004288c3c7c5def02b26b7d3bd3ef4d2fb0ebb3ac1f149796d7666a751f4dc5e7205084a7091927ab78a9c788ce2608d45aef7ffea