Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system -
submitted
13-06-2024 01:00
Behavioral task
behavioral1
Sample
a345e070712fc0f7f64fa6467552e28e_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
a345e070712fc0f7f64fa6467552e28e_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
a345e070712fc0f7f64fa6467552e28e_JaffaCakes118.pdf
-
Size
33KB
-
MD5
a345e070712fc0f7f64fa6467552e28e
-
SHA1
2c4244f4d9b05c90d88467ee3d1c2a2d645e4026
-
SHA256
8fc188da501f96b378e4bb75d300f7612947b6502994acd97521d32d15fc2c10
-
SHA512
bd6b38326663e30ac84f406c61ce5ba649e71673df2de727d071902ba93a0181e38741df2c0b8c564222b033d8a0adb55ca716068b7620ec007a3faf07aaae81
-
SSDEEP
768:CgGzpDmt1q0SgnCc9SIwdEu7OHfP0sKbM7THzXbvw4/+ESpeLh:fGFKjf8bM7T3w4/+pEh
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1700 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
1700 AcroRd32.exe
1700 AcroRd32.exe
1700 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a345e070712fc0f7f64fa6467552e28e_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1700
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 4cd57aa38e5fe4304b543404a8921815
SHA1 4268013e7a93d0fe9bc2264e56536ee8ce74b0b2
SHA256 81d85b93731f9b582b9f257f66e2b675c82d878756437d9118919a2f1db56e5d
SHA512 a9d0c1707f07385d21074881d778bf4d69f1999ec5464a7bcdb535fd2896462604ae4017c121ff75aeba57ad82690a6199c00130802157a71ee97446f420c240