Analysis
max time kernel: 120s
max time network: 126s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 26/05/2024, 03:49
Behavioral task
behavioral1
Sample
743dd254e0a068325554c1a9e44e083e_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
743dd254e0a068325554c1a9e44e083e_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
Target: 743dd254e0a068325554c1a9e44e083e_JaffaCakes118.pdf
Size: 187KB
MD5: 743dd254e0a068325554c1a9e44e083e
SHA1: c55ecc5b7623ae4f790d501c681d0c056fcbd48e
SHA256: caa09f4e8f90f530903ee777bf49619526cc4164a7866a6c4ac12b61d3832e68
SHA512: d0a883cbe76168c35a5f1aae5f2ddb46bbbe14d8f3e6c1cc4ed9b8dd0807b10c73a3ffedbc021718ed0baf07d55067ecb50704a040f700f1e945e7c8e073b9b1
SSDEEP: 3072:92irbxzGAFYDMxud7fKg3dXVmbOn5uE6KjnnQ5srdqqO5DKvpAGUW7SJ:92MKlWQ7Sg3d4bO5Q+wvZKRAl
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2892  AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
2892  AcroRd32.exe
2892  AcroRd32.exe
2892  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\743dd254e0a068325554c1a9e44e083e_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2892
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 0eff0d6366321221244fa65018ac80a0
SHA1: e7488af36f123e8932d73401e435f5cdcecfe457
SHA256: d80d30f23a71738a463d15381a0275732af4f47d83f3a9de2068ca0e21f97058
SHA512: bc1a7405559e79126dd8301cdc6fabb7ad334ac661ee92586f9cb5d554fb3e451b4beb894837d59444504cbe200ae2a47f0559889a6ac028e37fb3597c367afd