Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
13-06-2024 01:12
Behavioral task
behavioral1
Sample
a34fb5c51656014820deeb9963bb7e44_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a34fb5c51656014820deeb9963bb7e44_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a34fb5c51656014820deeb9963bb7e44_JaffaCakes118.pdf
-
Size
36KB
-
MD5
a34fb5c51656014820deeb9963bb7e44
-
SHA1
1829ad4be6ab3584b03604e58538593418a0ebc8
-
SHA256
1b5890be53225266b89c76256769502d2882d0f1b4db51768f80259e5abe3dc1
-
SHA512
f959145323fe47e49bf1ca12973842c053aa887689a112a3c1862a8d5ee25600ff523929fb3a97d668c1087858d8dd1a2a41503bc3c0f6e087e2ab56561d955c
-
SSDEEP
768:OgGzpDue8eVZ4OryUTHknzp3+MvsERNT5ztbLXlPW9WVrD:rGFSe8eKOMvsuBbTlP4WVrD
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid | process
2856 | AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes: AcroRd32.exe
pid | process
2856 | AcroRd32.exe
2856 | AcroRd32.exe
2856 | AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a34fb5c51656014820deeb9963bb7e44_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2856
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 45b28942a7ede98f10b713ba264971a8
SHA1 03c2ff61388e17b2684294968a26bd6b42c792fa
SHA256 b8533137d00f6c714b8453576924fa98d83c12f150f50c35ba585922ac78bafa
SHA512 42277a56efe5ec33a66e8206eeb572c16e4687a33eb15b7b8bbadc466a2b49141523bbc16e10c802d31b45fdbaecbf71cb569e5391770e1bcbc4cd80759726dc