Analysis
-
max time kernel
121s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system -
submitted
13-06-2024 02:24
Behavioral task
behavioral1
Sample
a3860ba3b17fd7c6c17d9d80248ea666_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a3860ba3b17fd7c6c17d9d80248ea666_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
a3860ba3b17fd7c6c17d9d80248ea666_JaffaCakes118.pdf
-
Size
37KB
-
MD5
a3860ba3b17fd7c6c17d9d80248ea666
-
SHA1
58e96d5385bdfc5a53e8bc67a2290d09e43a4ada
-
SHA256
ed587e8da97d1a53b4dd5656977a85ecd7701ea89391a85c5ce5b20c03694bab
-
SHA512
c0ad82ba08c2f2c325db71ef9f0451a21eda7f5eeea6e8e48191cf8dc213d36c1036826a8386c6eaee9b5808251751521afc145b7a95ba516dd2c304258a45d5
-
SSDEEP
768:5XuMZmwgCLWarDiiUuyI+8rBzMBbZJozhF57LvGXBMx:5XFZmGWS23uyDuMBbZqzhF5POXBMx
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid process
2208 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes: AcroRd32.exe
pid process
2208 AcroRd32.exe
2208 AcroRd32.exe
2208 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a3860ba3b17fd7c6c17d9d80248ea666_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2208
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 9d34d6d35909ce9734002f933f4e6539
SHA1 b904289093aeae9c26b6cded8858ec9a31a69616
SHA256 1d6d74b2ddc4f8c17177564b2a2712423e0b8f7bba1070e242b4620202853288
SHA512 66730a6894a817b99b1c3386ad50814b42cd9ab3bc69f6b7c553febba6cf094f9ca876c5726d8e7d3fee843230720a88b019ac2e42b2094fb9b37ec6d6980c9e