Analysis
-
max time kernel
120s
-
max time network
120s
-
platform
windows7_x64
-
resource
win7-20240419-en
-
resource tags
arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system
-
submitted
13-06-2024 02:08
Behavioral task
behavioral1
Sample
a37f15415f0adc4a6aedb0999a2ccbec_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
a37f15415f0adc4a6aedb0999a2ccbec_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
a37f15415f0adc4a6aedb0999a2ccbec_JaffaCakes118.pdf
-
Size
44KB
-
MD5
a37f15415f0adc4a6aedb0999a2ccbec
-
SHA1
2318c6509505c139829d3680bb0282d4b321052f
-
SHA256
5058b3376fcc9f49d45d5416a0db78032182bab9db7ab63e6c52337ba08ec801
-
SHA512
5d9ff50a9732ab726d8e5d36bd9c4cec0e1f5f727ed46580a5cfe84c0f36980c06c6888b82e090742ddf870940f716408aa1f8df82bc54a836c5c79ea7206d85
-
SSDEEP
768:VgGzpDNBv6A31ug2B3trfTg4FnaeSKJsk5+cpB8N2snsJG/FeQ5nTzwU6HuPPbFM:GGFJoFaKJnpBEvsA/3vwU62bFM
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2844 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2844 AcroRd32.exe
2844 AcroRd32.exe
2844 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a37f15415f0adc4a6aedb0999a2ccbec_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2844
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
-
MD5
a413646008a263287037af380dd5de7a
-
SHA1
6f4b3068193e23f9287ceeaabad8fe64e60e7054
-
SHA256
67bd59c4c5449c4996633a25a3e47bf7673f7cffade3137e7a143a06d7b6f46e
-
SHA512
925098cd60de4354c7fabf6fae7d64d556d0276b6fb5c9c13176dc2e6176cc5207923a9697645b6e51d36aa32329bb7cb2018147dd6d7384cb68fee5629d23f6