Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
22/05/2024, 07:52
Behavioral task
behavioral1
Sample
668b26770597ac740a9ee809ca2839ec_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
668b26770597ac740a9ee809ca2839ec_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
668b26770597ac740a9ee809ca2839ec_JaffaCakes118.pdf
-
Size
16KB
-
MD5
668b26770597ac740a9ee809ca2839ec
-
SHA1
df011134e0682c961092134e0e2a356c42b8dd2a
-
SHA256
f5738d2162c67b7d1150a489a377f0cd5ed258b10dac55b6bcd3dd1df3ce8c4e
-
SHA512
840c616447d3ab46d3a6794513fb84fbf332ac5fda4a2893b6f82b6566367124807576fc75145e19ec4b4ef4dc052076584fe41c69d6285b43095c2eefbc094c
-
SSDEEP
384:Vz5rzmujz10arRMshl/5bIv7ukCr/vMQtghviNmrPg8xPdoBtD2BwNUe3bFqNfqW:Vzsujz10aVM4Dkju5sJ0srPVpdIM0NbI
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid   Process
1608  AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid   Process
1608  AcroRd32.exe
1608  AcroRd32.exe
1608  AcroRd32.exe
1608  AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\668b26770597ac740a9ee809ca2839ec_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1608
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
e68ab88a1e6bdd37031e50b6f9bc5183
SHA1
4729076d522625f5d5c01fd50a281b054ee3ca89
SHA256
887c9d4f6274902259b23d19ceb197d15631795339bf2df332f15d3700b911d3
SHA512
80217260bd0d382ff351008f98c64e1b1fbccc55171102bd53bcce45a27d56ea30a6733f5f1e3b0100bec246f9739385a946a761b86ceced6cb702a942c1b5db