Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system -
submitted
29/05/2024, 15:23
Behavioral task
behavioral1
Sample
812fc1152186d5e357bf97473f7ac436_JaffaCakes118.pdf
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
812fc1152186d5e357bf97473f7ac436_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
812fc1152186d5e357bf97473f7ac436_JaffaCakes118.pdf
-
Size
15KB
-
MD5
812fc1152186d5e357bf97473f7ac436
-
SHA1
12e00b32cb7e13dcacccb820751769c79265552c
-
SHA256
e341582b6e90d3a6c95d117f4d74d4afcf51755f9e96263dbb3408ed5776cdc1
-
SHA512
d7c56d32be06c6f2dcc383b21334b95a29a407a50113d028fdbb5d62410926d3d9491730f0acb5d8ec2afac6bc7aa5470fc3b83976df30682f1bb6f008a84bf6
-
SSDEEP
384:VzQmQqiuz1mHe0jAjBFm0SmJdj7Yp884Mda3xX8/GBw02Lr0Qvn5x:VznQqfz1m5jgBFm0SmJ97Yp81MdaBX87
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2072 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2072 AcroRd32.exe 2072 AcroRd32.exe 2072 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\812fc1152186d5e357bf97473f7ac436_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2072
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5fa4ce15a1870c710875a89d08b05a477
SHA199ef0582d474e47a59b8f435a00ca65bfc02d78c
SHA2564fa3a62fb65e132abc04b0267263da89fc342844cfc270edbdd2cb65c82dbadd
SHA512fbf3f7baccafdc56108d4eb2092dda3795e4f8d4fdbe02d8010abd9a88237847b7a263ddef91e781e8ff40584f13f2fbe73b31b2b4fa5c4d55577782944f9440