Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system -
submitted
26/05/2024, 09:55
Behavioral task
behavioral1
Sample
751a3cddf82c9c217e7cfcdd54b73540_JaffaCakes118.pdf
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
751a3cddf82c9c217e7cfcdd54b73540_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
751a3cddf82c9c217e7cfcdd54b73540_JaffaCakes118.pdf
-
Size
45KB
-
MD5
751a3cddf82c9c217e7cfcdd54b73540
-
SHA1
f43ebd9535150c91fa56fed89cfd3c9c97ecb064
-
SHA256
a5f3122348f88f8d52a0fc317ca3a7a84aa1e6dcb98743368dd38df9ce8677e6
-
SHA512
791389f354dff91020fad1af7d3252fddf4858917e4187fb78016f9b1e2beafb83ab9fa230f18d2c88ffacc4383c5bbdfe12e70995251f12d0b79e497327c8e2
-
SSDEEP
768:9gGzpD3pNS9rI3rXP2vSVP2p+nMRVxtCRtbND9jUglJe6LSKeTXMktU4W1oo14yr:+GFzpg9k3rF4uRtbjRlJegWTX7tU4WBR
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2388 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2388 AcroRd32.exe 2388 AcroRd32.exe 2388 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\751a3cddf82c9c217e7cfcdd54b73540_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2388
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5c97b812d01418515030d30b99c1f37b4
SHA140cd70cb519d3763c274f9c71050adc9fef841a3
SHA256ec7585ea9611f9270904180876215070dfb1a5ae6fdea8c32677e56214aa67c5
SHA5125198e41d1217be212cb5e2b26410e842cac7fb84e25c4716b676c930b1912cd16449bcb6d841d5abaec4a17d56fed8193ad09504a07df4dbc44c84f8d878d63d