Analysis
max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20240508-en
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
submitted
13-06-2024 01:19
Behavioral task
behavioral1
Sample
a355641487cb196c6d30e9768d17e66d_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a355641487cb196c6d30e9768d17e66d_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
Target
a355641487cb196c6d30e9768d17e66d_JaffaCakes118.pdf
Size
34KB
MD5
a355641487cb196c6d30e9768d17e66d
SHA1
8c68d01283f5384ec5406a577a873dfa01779ad6
SHA256
337cf976ce0eebe52af7a63cc0a95b51185a32c98e19e969a133e82e7a3188dd
SHA512
6865ff1d1b5cbdc199bb305c55a8e24735bf716c542d73ab47a8aefc57a87b81ca9b4ce444a7a064f86d4cdcb3b64aecb1f95cc38a9f58841ada85321a81aa5f
SSDEEP
768:5gGzpD5VjiEZWHQ3BLYfeJwTpETXI1+lWEmFhlvlzyo2ZO0JBinot8MYarutt8cU:6GFtY7hUlWEmVvlBsO0Xiot8MjuUcS9
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2084 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2084 AcroRd32.exe
2084 AcroRd32.exe
2084 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a355641487cb196c6d30e9768d17e66d_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2084
Network
MITRE ATT&CK Matrix
Downloads
Filesize
3KB
MD5 274175d25151d4c36edb432e23c3efa3
SHA1 ad134700c4910bc5b87d590363b279c8a15c9937
SHA256 52dc3ec41e1f449db921764472d2e53cb95dafca73cbfaa230d8811734c99ee4
SHA512 511ad1e2537ddf49ae5f99b5037218b910343f576594eb9602af56772b4ffe45a7a8fcd86bc881d9a4bc35f40dec8775e5c10048a7fb9ef1c21b44f28c20a1a6