Analysis
- max time kernel: 121s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 14-06-2024 07:53
Behavioral task
behavioral1
Sample
a89ced3859f78f73f8e356bac2d3d164_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a89ced3859f78f73f8e356bac2d3d164_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
- Target: a89ced3859f78f73f8e356bac2d3d164_JaffaCakes118.pdf
- Size: 39KB
- MD5: a89ced3859f78f73f8e356bac2d3d164
- SHA1: a9df719bd1033ae41728950920f8948b09753809
- SHA256: 4759df71cf14c9f05987a8c8587870be9d56fc3cd777fd1bcd66bd634e279f2e
- SHA512: bec38d4703dda052f44c9638272344da69ff52df6ed87ba4544f78d7f523cd33f98654d41f9d6879846623d9e4a210750e94bcece261b1670188b34342597b3a
- SSDEEP: 768:WXuMZmwgCLWarmXziSi1bq6Rzll4rpld+O5Abgr28yvCJCtB:WXFZmGWS5Si126R34VD+gwgr28yvkuB
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid process
  2136 AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid process
  2136 AcroRd32.exe
  2136 AcroRd32.exe
  2136 AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a89ced3859f78f73f8e356bac2d3d164_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2136
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
  MD5: a6139c01c3a7799218fd2703c3e035b1
  SHA1: fdd7569f0f8d5043a20cbff6519135598dd4137b
  SHA256: 1772e0d33325c3220162bb50459ccaa6be4134b0004305effbc4bd7376abbaad
  SHA512: 2c4a4c4c4a2faa92e3cc4add2208c084d2e680b4c6860fa11f3e63cfea25fbc9b8ca7ff6a3538f28eb146cc0c3ed62d5417f4730292e9d4270ff0eb43415532f