Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
13-06-2024 02:26
Behavioral task
behavioral1
Sample
a387efe9f8a6bfdb69cf02a916ee1bdd_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a387efe9f8a6bfdb69cf02a916ee1bdd_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a387efe9f8a6bfdb69cf02a916ee1bdd_JaffaCakes118.pdf
-
Size
42KB
-
MD5
a387efe9f8a6bfdb69cf02a916ee1bdd
-
SHA1
5a36e5784b1a9c9e6eeb8e83c8c002a6810f3225
-
SHA256
ed766c027e018af74f1eabfa6809f6390de45e11862a1ebef4d9b7f9715ceb4e
-
SHA512
50d6207629bea78704ffcba482caee407e7ae82ef5ffa86b7cb070d56734eccc3c5bbd47da399a7fb4a2d212864eef38c4d7405407dd123b20be0d83a76b6c35
-
SSDEEP
768:FgGzpDfcmIen0ZelSIhsHXQxZ+RxtFXVm6zOa1DodmaeMqlolA7ub41HxyQpPPuj:WGFzcmb+LXYAxaTWlolgfRyQpXuKPxFq
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
3008 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
3008 AcroRd32.exe
3008 AcroRd32.exe
3008 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a387efe9f8a6bfdb69cf02a916ee1bdd_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3008
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 f3ff23b9d6735a8a19815c37ab0f7948
SHA1 0a2f587ceebd3fabe9c27ad5076a0b74c2ea6d69
SHA256 ccb48233d0813f83967d648d9a2e5601efa992e4a3abbd349773deae51514856
SHA512 bb20c34711c9e070a613bcf07afb22143d7572531ef90f4a2c274c789adbff9076650335a83c9cc0c4606ad33c856828092029a3cfb02c04694652d695ad66cd