Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
13-06-2024 01:38
Behavioral task
behavioral1
Sample
a3655694e7dc0242b5d6549398d02aef_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a3655694e7dc0242b5d6549398d02aef_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
a3655694e7dc0242b5d6549398d02aef_JaffaCakes118.pdf
-
Size
75KB
-
MD5
a3655694e7dc0242b5d6549398d02aef
-
SHA1
bb6ca9a685ce671e438724d8a51f57fcfd88da26
-
SHA256
63552327b6b7cd3c39317e1a0da76f487dfbbd962da127db23b12d36aed49ee9
-
SHA512
7342fa3cf63a3f14d34483a5744a3e9755923831218c19d9f6648a766fbf4c7cc2c49f38733d9dc36ea03c5f9d027c08ea18eed19e1f043d0a249d40fea7821b
-
SSDEEP
1536:D3lW5dgwHxB9MI/x7PST+g7oyntEFizlZ7X9mTOx6u3YagQbE4Cw9a9wg0mbwZok:D3lW5fr3Vq6CDt88jr2uTfbj9IQmbb3M
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 1976 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 1976 AcroRd32.exe 1976 AcroRd32.exe 1976 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a3655694e7dc0242b5d6549398d02aef_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1976
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD52069d9879892706d106bc162f7126ec8
SHA172ca813c146be3ba9d23270550c95b2895ab5bda
SHA256270f44e36e863b00545fc83e04ad725ba58bba9fef35c0a37bdcf17fc8b61257
SHA5122dba2fbeb59ad5f0b8e9fb18b880be4b508821fe27a69ae7cec2b82fa39eced5f77689c5949cbe7db8ae7d297393e2e0289d4562081e54520aac0516ed30735f