Analysis
max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240419-en
resource tags
arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system
submitted
14-06-2024 07:51
Behavioral task
behavioral1
Sample
a89ae95fdf637bad02c2c17587d158ad_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
a89ae95fdf637bad02c2c17587d158ad_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
Target
a89ae95fdf637bad02c2c17587d158ad_JaffaCakes118.pdf
Size
118KB
MD5
a89ae95fdf637bad02c2c17587d158ad
SHA1
8a30709bc772a2e3a540ecdff50bbce489b50ae0
SHA256
fb581b150e6a79b0ac3a4959fee9b3dbb86ae3ab4993aface1a83a37ca8454fc
SHA512
973d9e063df7d65bf48df54feb8671508c313d01eb88ecc54bc716c2ff29476f3d2fa3c5e30cc4636751086563d0407993617c31b590f8a59ccf0a004f57836f
SSDEEP
1536:RX2mgw8Vw5gwXw8PRww3XwwKM8WkIfH4ovQCLusksVWGOjeZhnEaXRSVK4LNdC+x:RX2mgj3cLPRw2wwtPusl2+E+SVKgMut
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1860 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
1860 AcroRd32.exe
1860 AcroRd32.exe
1860 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a89ae95fdf637bad02c2c17587d158ad_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1860
Network
MITRE ATT&CK Matrix
Downloads
Filesize
3KB
MD5 69023aedfd7da59de304983f110fa726
SHA1 869f0f293bd970f8cc08cb7b8ba98afffc63679a
SHA256 b8cddb8224f8a56b95b4460afb247b3ea8d111c2d19839aea6a58cf85e2ae2d7
SHA512 cc0d0e7129ff17519d6a5519f1acd81ee89aa667dda144c7d75b5adb216069b9bf09816d80e60c13c08855b4885d9c6d77194c820374e608fdfd14e2ebcbcdd9