Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
14-06-2024 08:17
Behavioral task
behavioral1
Sample
a8b1fbc3f68a4e69228c468b413beb4a_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
a8b1fbc3f68a4e69228c468b413beb4a_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a8b1fbc3f68a4e69228c468b413beb4a_JaffaCakes118.pdf
-
Size
38KB
-
MD5
a8b1fbc3f68a4e69228c468b413beb4a
-
SHA1
d2673501be4fc5346a34748687455a7931867bd1
-
SHA256
22e053814c2ef145e81c0d3fea1d7b0fbbd5bba50d804f372cddaee9cca1f9ca
-
SHA512
5b5e0b139412028ab30c635c472fc15b545f76b449b65a1e70382341260f73f6acd556d71c789fa9c50da93e8bc5c60fabd1d7cb2732b9d1cff9ce3f9a0f96bd
-
SSDEEP
768:OXuMZmwgCLWar8E5HpxeVCnDH1cpUAK7Woupd/EiDKu1RzH5ZAevDi0TyftipJ9F:OXFZmGWSljeVCnDH1cKAK7Bupd/EiD1P
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2028 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2028 AcroRd32.exe
2028 AcroRd32.exe
2028 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8b1fbc3f68a4e69228c468b413beb4a_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2028
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
00cea247be4f0d23b3b9076eb587d9d4
SHA1
97b279f25bb5d51877854929dbb52a05fedadb6b
SHA256
f7abe235a67fb8382870f86e834a9d2fcb093652b8af3e8d6e4b6798265db996
SHA512
0a3b41a2ab124273327ca9cb4bac8ce1db577d1ad2bd5be3d083626b1415097457b32d37138b75be6ad93b8a6fcf476b8de0c76e4978d4fc7d04b0f7a7c97108