Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
13-06-2024 03:43
Behavioral task
behavioral1
Sample
a3b681d1a5032ed88094cf2f7952b878_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a3b681d1a5032ed88094cf2f7952b878_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a3b681d1a5032ed88094cf2f7952b878_JaffaCakes118.pdf
-
Size
31KB
-
MD5
a3b681d1a5032ed88094cf2f7952b878
-
SHA1
ab62dfe4d4becf85a8e7e8e27f4c540fab2708ca
-
SHA256
08078280349c0a883e269f8ed85853b6c4f61ae43d97d9ab5cb9aa641bf86f62
-
SHA512
1e1ed73395874eee4e0c07ffe825f3c1d491da37a95aa5f8cc8c7ed4de6814a65ca75e1332af304283860724842e2e5a0555ef3a2e7b54237e90a13bf9ac6a65
-
SSDEEP
768:bNXuMZmwgCLWarxRFEytTyn65RWNfzwGDgIy9Vn/YbApIfM:bNXFZmGWSx3EytTZbWJzwGDgIy9VnkVk
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2188 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2188 AcroRd32.exe
2188 AcroRd32.exe
2188 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a3b681d1a5032ed88094cf2f7952b878_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2188
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
1dfc0e90458ef1905d810db0d17a043b
SHA1
f64b73363eb3fbc9c81916fb48f9d510976c525e
SHA256
11e9ca8fbb44f9df300dce446d0a1bef79e4ae9fd6e3dd0a21e5b1b02d500d45
SHA512
e865e56a9f08008278a71e329e7eb65ae14f171640629ea7442196f9fbcc2cf80fcb1c83cd7e6329d241389900f71f6a8cc67e4e97f1cc48951f4a9a4f614f30