Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
14-06-2024 08:24
Behavioral task
behavioral1
Sample
a8b87c2537564578d466c354d463b989_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a8b87c2537564578d466c354d463b989_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
a8b87c2537564578d466c354d463b989_JaffaCakes118.pdf
-
Size
47KB
-
MD5
a8b87c2537564578d466c354d463b989
-
SHA1
b176b01ccef22fd647ca5605c1d5037dd8d7df55
-
SHA256
6c4cf234b7d65b398f17aeb9e086b17f6ecf1bf5b9435a1714213653d65a1b97
-
SHA512
eaff3d238b9e209ea293a586c3fa11282e4d52ef8938efa7c9db9056ee9378dcfcc97f69374fd0e74ceb5c7f134c6dbcf72b6301160651405fe2868e784d5193
-
SSDEEP
768:ngGzpDSpXVQV+s5NZ+PwnjQNPvR9fZWg9v0u9gkYB/V4RwRgg8NKYHzABAEFfssJ:gGFOpXZWTkYXCNKGztAfHH2nwJr
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1720 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
1720 AcroRd32.exe
1720 AcroRd32.exe
1720 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8b87c2537564578d466c354d463b989_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1720
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
9dfc774503e124587e2551cd17c60679
SHA1
0aafd327bfa6ca22d4162f22807a668330131464
SHA256
81a6a062ee8ff1e2f9dc21253f6894eb8c35519f1b82b8d93c6e16595b28b498
SHA512
ea48944b8a407d30852e433a8b1d320a70bca7d9f34ae09708e1140aaf96fd232005603d44ff07222321156abed4701d0904b4c70642330ffbeee520ab461876