Analysis
-
max time kernel
122s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
14-06-2024 08:12
Behavioral task
behavioral1
Sample
a8ad6e088a82d57fe89b9a9f8293c59a_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a8ad6e088a82d57fe89b9a9f8293c59a_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
a8ad6e088a82d57fe89b9a9f8293c59a_JaffaCakes118.pdf
-
Size
43KB
-
MD5
a8ad6e088a82d57fe89b9a9f8293c59a
-
SHA1
b3230ff3e9f4bd76e7cd66396fc1ccce2df2298e
-
SHA256
4e45244ce7fa54634539598cd3de49a6e4a9fc0eb0e4489933d5e7756b07b275
-
SHA512
0d9dc917bad36479496f6c7cbedc68d793ec584a8154e6017fcb5e1afeada14f7773431fe647d1d8eeb5c754b2114fc1812b3e28736aae31ca3022f942c83882
-
SSDEEP
768:gXuMZmwgCLWarlE5HpuIypkxfKWaLhv/Sm29z2lKLy20McD1uPvT+Zd2SWAZvNAn:gXFZmGWSW8IypkxfKWaLhSB96oLfcD1s
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2956 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 2956 AcroRd32.exe 2956 AcroRd32.exe 2956 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8ad6e088a82d57fe89b9a9f8293c59a_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2956
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5c36d1bdd406eb40f4070ba1fd0bd1f4d
SHA180178a365049d243141c84d5483e223e83e2d66c
SHA256ae779831411aeb7ad31e66916b45d6aaebb10c756355c892acce9b8fc187d505
SHA512647bcab7ef1519e0605dca5488e3e764ed5deb29de0f3739e19bbf812ff2ff1b6fc351238eea07e66f1ef1ab91bbd5ff70cadd92d8466774f67674674af2b581