Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
13-06-2024 02:23
Behavioral task
behavioral1
Sample
a385ad6e3ed68203eb35192b7013a9d9_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a385ad6e3ed68203eb35192b7013a9d9_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
a385ad6e3ed68203eb35192b7013a9d9_JaffaCakes118.pdf
-
Size
42KB
-
MD5
a385ad6e3ed68203eb35192b7013a9d9
-
SHA1
5935896cc9a6dde3ad681be2a9f8790593ea3090
-
SHA256
3cc2c315d1fa40479ece527680b69fa11dca5d0cfe7a481f1074b462e591209a
-
SHA512
7e94c1dc68efbc82c2c6cc702e6d512168aaf428cfa37f43a9044a93b192528dd08667b91984c645469e8547e08f968dad318d03ff12a1704692cb2e43aa141a
-
SSDEEP
768:zgGzpDptSz12vixQnFujvQYnyx+1RIQr3SnDPnvuexrYmb:MGFttSZ2KxQcXinDP2exrYmb
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1720 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
1720 AcroRd32.exe
1720 AcroRd32.exe
1720 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a385ad6e3ed68203eb35192b7013a9d9_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1720
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
7153dd896584785bb5db34936fe5b5ca
SHA1
5445b9c8428144631ca0148c0617fa9c37f6f161
SHA256
29865a6c68724e86663fa84d85a429b13158fe309fc0ac48b6f9ad3f31213c8a
SHA512
faf961ae882243a4d025a0ce9cf32aea9253d9ab8a0d01b05de60980d74a9663581411d1ad3f2c763a291678df3a762df91b8520b2537c4f2eaac476769532c4