Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
14-06-2024 08:02
Behavioral task
behavioral1
Sample
a8a4d47eb6f58f8cc63a3d82344b3323_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
a8a4d47eb6f58f8cc63a3d82344b3323_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a8a4d47eb6f58f8cc63a3d82344b3323_JaffaCakes118.pdf
-
Size
39KB
-
MD5
a8a4d47eb6f58f8cc63a3d82344b3323
-
SHA1
e30fe2d57b76ce70165f1ab7c5b6fcc5a9e981e2
-
SHA256
d9bf179f093e28fad4bbf6ae8d4ef3532c51af30fedd75c84e794b70312baa45
-
SHA512
d7005f2ad2b6828a9b527892d97c34edd6c497e9838eef6d1b238d8ad15bc2692ef3a73a90e574749f4c842b891dc5c3a85f0aa64c332325d2a2fd05cc7d77b0
-
SSDEEP
768:CgGzpDwCANILGNtlaRU/JUscO57+zH/9xZeKpZ8ZuX1QQtZT4rtX:fGFcPulzH/3ZeK38ZG1Xl4rtX
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1720 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
1720 AcroRd32.exe
1720 AcroRd32.exe
1720 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8a4d47eb6f58f8cc63a3d82344b3323_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1720
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
9d1a0e66f4e4e1716f0fb44e4e3f56cd
SHA1
f2a3e1a4cab5b6b52601b04091a84d1d08f90c92
SHA256
f889eda317c4cf6d7c84daeecfa923dcd59863bbafd100484774f07c855d021e
SHA512
36e53af378346d80efd978e30dc8e31db21a09915e7ef61ec2a5a1a1a3c27fa24e3dc4f15c7a80f87cc1c60bd1e9b007ae2ff754a8be521c9a86f353f29492fb