Analysis
-
max time kernel
117s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
22/05/2024, 16:33
Behavioral task
behavioral1
Sample
67e5e9ad8caab919d353108aec0aeeb6_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
67e5e9ad8caab919d353108aec0aeeb6_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
67e5e9ad8caab919d353108aec0aeeb6_JaffaCakes118.pdf
-
Size
25KB
-
MD5
67e5e9ad8caab919d353108aec0aeeb6
-
SHA1
a086f31fcdf0fd6920ac05700cca68aaec53246b
-
SHA256
ed91ca71d758578968998ade6d5926352b092ca96e31366cdf4f9f4052b8b757
-
SHA512
bcabba237518898a36632fc59dc0087e0beeaf8c44f533f3dc5b5073f860af6c60cea0d786370a03e3844cfbc10ca3069c9cc7ce50832e00427f6d8bb347c900
-
SSDEEP
384:T/QON8MUG6Qgw0JZCTzz02YFnarXp0NUm19RFY17/ZXsr8cNQSXJrYcOSCUS37SG:TXuMZmwgCLWarauO9TkTZX28cNZ9/6Z
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2188 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2188 AcroRd32.exe 2188 AcroRd32.exe 2188 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\67e5e9ad8caab919d353108aec0aeeb6_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2188
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 96461b962bcc68ca7647dfbcdf162719
SHA1 8a67fa8c0ffeb2de8162ad9a5f0ad288dddcea3a
SHA256 d6e7dd1c61e7969ee7c51c793f677fdd9da5028a6d3b26fabbee3d0d115df748
SHA512 2a029f5893b5dc28cecedd3cacd7a0c623b3c35b6c0dc0ff3f2c5b659ac5ce06f7754890f6396cd44fb49b6ca31066f9f316f5724fc95d9440eb839a8cc350fd