Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
12/06/2024, 23:47
Behavioral task
behavioral1
Sample
a2fec2fda72afb581ae07ac9d812ea54_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a2fec2fda72afb581ae07ac9d812ea54_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a2fec2fda72afb581ae07ac9d812ea54_JaffaCakes118.pdf
-
Size
62KB
-
MD5
a2fec2fda72afb581ae07ac9d812ea54
-
SHA1
e349ca0e9f4e4b43ae5f21cdd064599e5d2f5b7d
-
SHA256
a4f2a65d1348327ab9287617dc4bf552d186ee447301809822e01e0d14d923ce
-
SHA512
337d396e25b167ae2490aa0c313b5cea56b86ac99b119435e178d154895eaad4c235022d7b842ccb3d7db67dc97c1e24356b273b335255f912af71309608039d
-
SSDEEP
768:1gGzpDLp5rr8W8p05TCeqmbic67lHq3/L7kOIuz1kEMu4bfD8A+p3Ch+H0Icl5Rf:mGFPpH8i8TbcU3Z+hCcH0X0+Bggs+RJ3
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 3052 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 3052 AcroRd32.exe 3052 AcroRd32.exe 3052 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a2fec2fda72afb581ae07ac9d812ea54_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3052
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
86468f37267082f3ffa4a6efe5deb0d0
SHA1
ae15be9b14d4e84ca90639d9dd554015f5599ff2
SHA256
37f345310c67f5c4d70a47029b36a71cf3a79bd0bb0db5eecf1817d59d4b52dc
SHA512
c0041fe9898f0d26ace3d674e01f7ce31205a53b0734d54d729c8fd253b2a24a886698cce0e3173d9f98a1bbdade02fb717f95cdd937eeff13250acb66d50034