Analysis
-
max time kernel
117s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
30/05/2024, 14:15
Behavioral task
behavioral1
Sample
846f6e11f2406715467168008f3f2e37_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
846f6e11f2406715467168008f3f2e37_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
846f6e11f2406715467168008f3f2e37_JaffaCakes118.pdf
-
Size
14KB
-
MD5
846f6e11f2406715467168008f3f2e37
-
SHA1
b445ff053d1a6fd5af5a664c923acd663ba5adb3
-
SHA256
5860f4d7b35974a9845c7c0dbf6f97c5d5fb026928709fedfc2955b245f922cd
-
SHA512
1bbbef28284d1b9fd890f48027048fd2426c0ab29505cf0656cf205d2a0220fde7570fe9cdae7876d47440445fbb48510e8c76f1c6f982840a2ac59895139c54
-
SSDEEP
384:VzLP9Pz1YDAhl8A88ObBitQkHI2YhRG1n9EEqQrTw/G53dnPhAMM/FWPR6fvVWEw:VzTxz1YDAz8AXOlEQko/hw19EtQ3wO5D
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2068 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2068 AcroRd32.exe 2068 AcroRd32.exe 2068 AcroRd32.exe 2068 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\846f6e11f2406715467168008f3f2e37_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2068
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD541d06018f23e499d83f61454fb400551
SHA1037c1dc31e4f38127e09a3d41c97acba1c92cc6b
SHA256318fb75e398e9dd6b1205b9eb19c2d3d5ee25b75d42d7dfd8cb34e754a10e4ba
SHA5120394e78b0d8de9ed6c55293d7f32ca6cb46f837dd74f71c8bfb9fe6ca8b598d33e42a115128362555148e8a47e4540d847b7090d0888f74360ac1c9d91abb4a6