Analysis
max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240220-en
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
submitted
22-05-2024 02:59
Behavioral task
behavioral1
Sample
65c7c438c6764f4074dbbfd90656ea23_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
65c7c438c6764f4074dbbfd90656ea23_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
Target
65c7c438c6764f4074dbbfd90656ea23_JaffaCakes118.pdf
Size
36KB
MD5
65c7c438c6764f4074dbbfd90656ea23
SHA1
79df5ef48050b8869cf3737f5f502b57137c5eb2
SHA256
91dad4404bce4c9ad3e33d97cefc861e9d0c8e529ecc2fa685c584ef47e21656
SHA512
e521cb599e3656a6fb69771619727f5d5f892cd012022cbeb09051a87c92b56818f60543894d61294a6aed367ebee0c021d4dcd29d5f80f4930d768abecab94d
SSDEEP
768:7glwaH63fBKTV/Ot8jI8DJmPvJbEfVdOrTTu/dlNl2IuhG9cBRPXmPTHkb5E51XW:7glwaH6PBKT9XJm3JbEfVdWTTu/dlNlo
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid process
1684 AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes: AcroRd32.exe
pid process
1684 AcroRd32.exe
1684 AcroRd32.exe
1684 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\65c7c438c6764f4074dbbfd90656ea23_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1684
Downloads
Filesize
3KB
MD5
1ccb29111296a6ca66d462588591a691
SHA1
da033620dc8cf2afedebb790dcd5d5546cd000a5
SHA256
ff772dc73ccd9150565e2ca00cff2cb2048a2fc95cf7179ce5a72f3c08431361
SHA512
97b6121424ef7db550cf0704f51814ab3a0a8fb72f018a3a2356e10d54f30f843de4984798b81d82a7e47ee2b6b502a5d89919e2c29729e1ad47520e04449981