Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system -
submitted
22-05-2024 03:18
Behavioral task
behavioral1
Sample
65d44371669d12bca7791f3a987b192c_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
65d44371669d12bca7791f3a987b192c_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
65d44371669d12bca7791f3a987b192c_JaffaCakes118.pdf
-
Size
4.0MB
-
MD5
65d44371669d12bca7791f3a987b192c
-
SHA1
269cad0f78f5e46fa44dc42723717d1a3cbbf3e6
-
SHA256
d71e88ca2098201ccc9e1ec950107fda5749fc84122ed56978e7c9b8509eafcc
-
SHA512
74d47f107732487535f7af26e6d596b9e320093d432c5f71389937aef29d2aad1daa1638573b6b2efab61472288b9d408263b08b2ba0f13a22f444a473492399
-
SSDEEP
98304:OJsRinyQn8OwMBNNdzSj1PbU455JcUtYHY7/Xgz:ZQ8GXdzSjlb7oJ47wz
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2372 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exepid process 2372 AcroRd32.exe 2372 AcroRd32.exe 2372 AcroRd32.exe 2372 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\65d44371669d12bca7791f3a987b192c_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2372
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5bb8dbb7e48e55a15bf95863a416303df
SHA19e16c910ed8daa6b689203263bf020680cb07b2f
SHA2561778f1b18b007f76a2992655bf087d06ed1ff293723f28ba6cf7027dc87e3765
SHA5122cc9672cc29681cb9e1f93d96905aa30e6a9f4a143ce49188223a62415fcb2313affcf29f7e0b1274b8d023c71889dc26ab7ca72290c743c255744abc71f12af