Analysis
- max time kernel: 119s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
- submitted: 13-06-2024 01:43
Behavioral task: behavioral1
- Sample: a36a22f069054c491eea415df90128e9_JaffaCakes118.pdf
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: a36a22f069054c491eea415df90128e9_JaffaCakes118.pdf
- Resource: win10v2004-20240611-en
General
- Target: a36a22f069054c491eea415df90128e9_JaffaCakes118.pdf
- Size: 32KB
- MD5: a36a22f069054c491eea415df90128e9
- SHA1: 0ad9e6fc12edc8a6f201ab499d99cf4ca0da6c56
- SHA256: c84d311f5e1c32e35e26d17d22a9ae8e5a613bd8e6670a2bc69bcbddf3dae36e
- SHA512: d498a000af85d835881420f542dbcc996ea6a9220e77b1483d16874ea5d4d09f644cd3dc497acc44b5eaf47c2e4d5b471e3fc5aa3071cb48552ffae34e77ec75
- SSDEEP: 768:FXuMZmwgCLWar/N7RneLuuvaqAIrxoLnI9MlDXMUh:FXFZmGWSreLDyqAIrxorwMlDXMUh
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
    pid 1232, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
    pid 1232, process AcroRd32.exe
    pid 1232, process AcroRd32.exe
    pid 1232, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a36a22f069054c491eea415df90128e9_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1232
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
  MD5: fa8a27038270c9cb27326df47e47ea13
  SHA1: b2e4c84d6a739967c5bd1b303e3becb818a77156
  SHA256: 3d67cc345c71a497fd681dccfd76944b1297d54a4c279bf7ba3713b7b3895a60
  SHA512: 1776757694b5ff4083bac81624ea6ebae5efd9e4d75650d6cec77c47d3421b03626ac9871a8145a99fffa05b113362d490598337ba36219e717ddacbadd3fa38