Analysis
- max time kernel: 118s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 14-06-2024 08:13
Behavioral task: behavioral1
- Sample: a8ae833ac034d44275beb0df72e149b4_JaffaCakes118.pdf
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: a8ae833ac034d44275beb0df72e149b4_JaffaCakes118.pdf
- Resource: win10v2004-20240508-en
General
- Target: a8ae833ac034d44275beb0df72e149b4_JaffaCakes118.pdf
- Size: 29KB
- MD5: a8ae833ac034d44275beb0df72e149b4
- SHA1: 92f9eff16d0b4c64a634f84bb9064cadf0ed6f4e
- SHA256: ae4c87ba9ab31f447562294b5c75ce2919dd29822d6b3a8d0d1dbafafd8b7b70
- SHA512: 5bd711410936dd318267d688a50af0ec59f734d3744a45a7c92fdd66ee6f8958bc89e9e07dd7dd19a9c44200084801790067fff4bd349851ad29811f75e009b0
- SSDEEP: 768:GXuMZmwgCLWarXT3N0kHx3qpYpAPupKXz8IM5Hz6vdnT:GXFZmGWSXT3N0kR3qpBmpKvM5HeJT
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid / process: 2860 AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid / process: 2860 AcroRd32.exe; 2860 AcroRd32.exe; 2860 AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8ae833ac034d44275beb0df72e149b4_JaffaCakes118.pdf"
  PID: 2860
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
  MD5: bfc6d63cf6676843c49a6240a58ed47a
  SHA1: 106b9c39f89eb886719b760c91303c084bee64fc
  SHA256: 1f842125f57f20041f3c2e519ad73789071fcddbd4eb514659dec4a7997b0405
  SHA512: 6dd39acf462e8897b2ae11e8bb4cb3e5a3ea6698d721ae5437e7f7ef415b3fd4226d431bc66dd51abee387f53d39664d368e5a4dce80cb29364805259d4daa9e