Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
14-06-2024 07:46
Behavioral task
behavioral1
Sample
a896c40a16996de22af062a435906fd0_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a896c40a16996de22af062a435906fd0_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a896c40a16996de22af062a435906fd0_JaffaCakes118.pdf
-
Size
23KB
-
MD5
a896c40a16996de22af062a435906fd0
-
SHA1
b44d7cc39f4f2816fca8be7263b3aa1e06fab16f
-
SHA256
23ab9e2a3041d70b6cdd85fc42af1f1c8b5d54ee8da20ebc4965f2aff6b707ce
-
SHA512
7b54b957dd763e22e9d9c60fec36a26b00460db7320533957cfd291719199930781c7f480bcfe1a84004c1aca7ba8e62692e8728253bc82396e88a2e363bf27b
-
SSDEEP
384:Vzdq5soPa9bVSMz1bM4+IGJzkT3ibO4s8XdiBlSdgGBiURinQqBM7qRvqIz69iGg:Vz427z1bMaizkTCO4s8XdiBlSdgG/c3N
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 328 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exepid process 328 AcroRd32.exe 328 AcroRd32.exe 328 AcroRd32.exe 328 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a896c40a16996de22af062a435906fd0_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:328
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5ef663e6450d54b249af3461aba72f8d9
SHA194f1a0bf4c6e24b955e07bff786bb800e9058cd8
SHA256036206591d83ac2205509069271d48b9fcb49ac962b1aba5fda916abb83d80c3
SHA5125ff4d3e0a1d1a628a2b6556629731f9301989e853c5f2828271bd3ba698ae9164af5314b7829bd764bab65a4b70c3e829f026e4b7b6391d90496438fa4143d71