Analysis
-
max time kernel
122s
-
max time network
123s
-
platform
windows7_x64
-
resource
win7-20240220-en
-
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
-
submitted
14-06-2024 08:12
Behavioral task
behavioral1
Sample
a8ad5ba0bbaf92e66a898dec3cf45998_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
a8ad5ba0bbaf92e66a898dec3cf45998_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
a8ad5ba0bbaf92e66a898dec3cf45998_JaffaCakes118.pdf
-
Size
57KB
-
MD5
a8ad5ba0bbaf92e66a898dec3cf45998
-
SHA1
3f417047145099f2c9d828520dfa62b3c91569ee
-
SHA256
5912b65267d8efd734896baac5e618f29a68a518b217a4bc3f9455f68bd39292
-
SHA512
d7e1aaef4ac9c6168e652e3245f04d347a91bf1fc44e639c9efce1b0108b7878d9cca7c66912ee6b13982b575bc1b6c7ec0b9d7a646997490074a772e1f04b88
-
SSDEEP
1536:5GFvpPhh4ygdAD/cs9R24IW4Qk+yOzZ4lV2Z4E8d:MFvp55g6/P4QklOzZ4lsZ45
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
3064 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
3064 AcroRd32.exe
3064 AcroRd32.exe
3064 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8ad5ba0bbaf92e66a898dec3cf45998_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3064
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 9cb32d6f9bd741fceef01beea34c12c7
SHA1 4d3a6d62eb6f3b5aa9a492372ede9e4500b0347b
SHA256 eee146c2f585291044fd48d945ce62662ed245ef1bb1433867ca52c25a12872a
SHA512 43c62f494029ddc91fb3f83f6ed25c21257528042ee032b8aac51e0e64bf2d8b5dea66a4719bd6ac7930221c7f037b073e69184f5f8b0445fa36e45ee89b090b