Analysis
max time kernel: 120s
max time network: 122s
platform: windows7_x64
resource: win7-20240419-en
resource tags: arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
submitted: 13-06-2024 02:38
Behavioral task: behavioral1
Sample: a38e152adc3a266c120c0ad78b156787_JaffaCakes118.pdf
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: a38e152adc3a266c120c0ad78b156787_JaffaCakes118.pdf
Resource: win10v2004-20240226-en
General
Target: a38e152adc3a266c120c0ad78b156787_JaffaCakes118.pdf
Size: 70KB
MD5: a38e152adc3a266c120c0ad78b156787
SHA1: 5c8e7f87f020cc8a6b1d6844063e732403aecfb4
SHA256: 183cb539f8bdc77167ca9fa97e9bc76cec113d2ecefcf7858a7b404af9d44ece
SHA512: 36480cd37b30eff1e26e203509ded89d413d599f1a881b6b5dfdcb7951cbf53cc2f077da8d0969773859dec10a616be2fed7184e7931b6ff53d7399911c467a7
SSDEEP: 1536:YGFlMZ5r4XlXQFwmo1H117VRQc0FeJerpY4tY+nNgd4K+I:1FlWEtQFwBV1xieh4tnNgCKl
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid 992, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes: AcroRd32.exe
pid 992, process AcroRd32.exe
pid 992, process AcroRd32.exe
pid 992, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a38e152adc3a266c120c0ad78b156787_JaffaCakes118.pdf"
PID: 992
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: c10976e2fc3f7bdfd91fa371f0952853
SHA1: 72dc6e5bc93fd2fec7a1f59268139417a52d59a4
SHA256: db2bc4d518bf9d8bf7475fbbf5125adebaacd4e8c0dd4934c975b762048274bb
SHA512: 9a67dee91404a22440b884dee4552f73b5f37e3fdfb2990b606fea29de65ee4d2af01d77eeefe6364c546b34a1d9f47ceb697363676f102a85a438cdca3caf14