Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
12/06/2024, 18:05
Behavioral task
behavioral1
Sample
a1a715a098722199b98da3dfd856b64e_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
a1a715a098722199b98da3dfd856b64e_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a1a715a098722199b98da3dfd856b64e_JaffaCakes118.pdf
-
Size
39KB
-
MD5
a1a715a098722199b98da3dfd856b64e
-
SHA1
514111ac469ff85937cf94aeb386251904e30fdb
-
SHA256
fc592704ffd1de82e47a01a81e5db0b4fb112782288998de2cf2fe30f298212e
-
SHA512
c27ead7cefc141a974df9749e9e2439b74f9679a332fef70fc434b3b8c0b1f4bcf54bd96c7b1e35eb2ab78b57d5be6b76e92dcb2d5f5f861c2b84114c4ee40a4
-
SSDEEP
768:ZgGzpD1eI4xx6mq8ZfyYFN1heiGzdXID/jednvyWvxzr13NU+8WZ:aGFpe6WTmYXednRvtrbU+8WZ
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2196 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2196 AcroRd32.exe
2196 AcroRd32.exe
2196 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a1a715a098722199b98da3dfd856b64e_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2196
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 6f35040c6a116067ea95babb23fda63e
SHA1 93c51140b6e9d340a395be3e9e1abc3732767ecc
SHA256 f4f92d08761fbb49db26d9e95a897590774ab24c64a925a929afc85ea33a94e0
SHA512 7ac9af8c142c76fbc27bec1d57e7f3a4f94bc07d6c0c845083de947b1ec790871a3ea85911e54c107b6a9b07860fcb534a6abcf3d995d5a32f0257e3d7d1f526