Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
14-06-2024 07:57
Behavioral task
behavioral1
Sample
a8a0cdb82c9f916cc5e78907d4b79a05_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a8a0cdb82c9f916cc5e78907d4b79a05_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
a8a0cdb82c9f916cc5e78907d4b79a05_JaffaCakes118.pdf
-
Size
34KB
-
MD5
a8a0cdb82c9f916cc5e78907d4b79a05
-
SHA1
8d4b2343513588a8b447e75222682afd2f16d029
-
SHA256
f4277b170e56931d066a73a8a9f98172f10a0c6db5cf3f86e8f647c055c4ac7e
-
SHA512
8f214c65669c3c49e85e264531d6f210b2890f62648c0b457ff10e894e149d55db5aca2d7a7b29e962be0c5d9de9a32574c9de111bda04013f8a4eb79c9d64ae
-
SSDEEP
768:8NgGzpDXVrtO6UKh4GJivZX4Kz5GNRruuwaqX0ozMrrJF9:8uGFjI9GNRiHaqXPMrrJF9
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2852 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2852 AcroRd32.exe
2852 AcroRd32.exe
2852 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8a0cdb82c9f916cc5e78907d4b79a05_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2852
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 7d3b961ca3c4017f5362dfa309d5cc85
SHA1 0770f1552eca7e1e0d056fddd789a789917d02e5
SHA256 7f54aee74855fe392e3fcae6130b776bb80f61af1744870cf38c76bf2ca1b78b
SHA512 40c5bda3b93a4bbde2fabbbe577bc6878e5e67627e879b050e4a9990476a452edef9fb2ed2903fe8a71ce26b7a1cad578bd3d2cf4db779e9f627f33f9e297212