Analysis
- max time kernel: 122s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240419-en
- resource tags: arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system
- submitted: 14-06-2024 07:51
Behavioral task
behavioral1
Sample
a89b0abdf101e825bb19bd80b028c744_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
a89b0abdf101e825bb19bd80b028c744_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
- Target: a89b0abdf101e825bb19bd80b028c744_JaffaCakes118.pdf
- Size: 45KB
- MD5: a89b0abdf101e825bb19bd80b028c744
- SHA1: 906b78499551f0b517a22a1dac33efbf8660bc22
- SHA256: 6001d4397b22292c1b585953633582e68d37210ef010d336185e681111182088
- SHA512: 3e3b75cc75a95f190f50eeac41145b4ca57b834038b060f2d195bc04b0f0e330eabe1f310146a08bc3908badffc4954805cda96a2b39f1fb2ee2f44f62b8c5ad
- SSDEEP: 768:GgGzpD7E8VcIvwACILofNa8AClxC9P0P0xFUZOHrt1NZ2eWhJudouE/9CZe:TGF30Ah9PvOZOH3NAeWX5uE/9CZe
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid 1576, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid 1576, process AcroRd32.exe
  pid 1576, process AcroRd32.exe
  pid 1576, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a89b0abdf101e825bb19bd80b028c744_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1576
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
  MD5: 871576d47ca1000227c729ef783486bd
  SHA1: fd0c21347fb3ca026f5c8c3a61573c82d2b2dcab
  SHA256: 91b6ca2f28358bdb00a86e2114c83e86b7235bbb23e6d46fcc432cc133234ca9
  SHA512: 7401e9d1aaa7f791d9b50f223dfe77a29ada4f7b02845b88621854c461138999f46fb23a23b83a6bb0c13d8a8f17ce845350ead96ea1b197359451bb308e4ed6