Analysis
max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
submitted
13-06-2024 01:23
Behavioral task
behavioral1
Sample
a358f6f449cd6b946b5a64dbe238768d_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a358f6f449cd6b946b5a64dbe238768d_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
Target
a358f6f449cd6b946b5a64dbe238768d_JaffaCakes118.pdf
Size
49KB
MD5
a358f6f449cd6b946b5a64dbe238768d
SHA1
81f30b747879bc7641319c79d08a7856cbc6e9a5
SHA256
861841ee4d453cc2a5ec1fb3595cdaa3e67922340987029dce496fd1dc612475
SHA512
e95638aec633d7a04310c0f4d71f2d2f9a67b329cb6f445fe82db4064d66bc5d1f706d6ba973c30f6937b0faf6ddf4314d7cc6d412c9afd75c706dec9764a434
SSDEEP
1536:KGFmPrMQZ/i0VgEaIRlnZwmwNSwjsrQx9ZaD7:zFmTD/gEaUpZw2usr+Z8
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid  process
2072 AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
Processes: AcroRd32.exe
pid  process
2072 AcroRd32.exe
2072 AcroRd32.exe
2072 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a358f6f449cd6b946b5a64dbe238768d_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2072
Network
MITRE ATT&CK Matrix
Downloads
Filesize
3KB
MD5
72f33ab892c7c9ba27ff9320f65b7e45
SHA1
fbdc1a48ad1a6af29a300de6a7dc7a60307fd607
SHA256
bd368a71db489fc9e78b1c3b20e72e965485ed9868e64ced20b267c6d4e08fc8
SHA512
aedb58d878c3b52bbf0455616aa0ddc2a969d0db629e9deee3d2c5b7506efb99d1c3dce60d634313aa269e55b584f106c63fb7ed5b77eb6218d698b10ac1110d