Analysis
- max time kernel: 121s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
- submitted: 14-06-2024 08:29
Behavioral task
behavioral1
Sample
a8bd5d3a794c8ddce29a2f562860e0a1_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a8bd5d3a794c8ddce29a2f562860e0a1_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
a8bd5d3a794c8ddce29a2f562860e0a1_JaffaCakes118.pdf
-
Size
47KB
-
MD5
a8bd5d3a794c8ddce29a2f562860e0a1
-
SHA1
2741bd9da18d20db6077279a5b3e388a7ad619ed
-
SHA256
f09f47a80d406a51fbd49580040da66c56bebf6e479061c164c989383b55032b
-
SHA512
ff52cac55a23b04102656cb7cff7130bfc22d895f102dd17ca958388853a1f29e89f9beba2bab761ede742db34e65233e5db80038c1d87141a5353a975516214
-
SSDEEP
768:YgGzpDyBVksi8qCoiBi+Pp5/+4RshmAJJSi5FZJ0lt5IFPqjaYrWu0vOob1mO6j/:1GFmzTAjSEJDPoWu0vOob1ba18lc84h
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid process
1956 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes: AcroRd32.exe
pid process
1956 AcroRd32.exe
1956 AcroRd32.exe
1956 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8bd5d3a794c8ddce29a2f562860e0a1_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1956
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
b18efbdd7a880830b6601fad20093755
SHA1
d8cff19fef519a1139813779d34220233f69c28e
SHA256
096b5d0c00d13551eae873553f567c15f15683bde89a34c9bdd449ce7084211e
SHA512
c53feeb22184de2f1d350a0fc31c2cf4fd40ae390a8d519a61c957ce22a1f52ee92adcfb5f70029751988dc968e4d5693aa8215be606b83c741ab80afd608427