Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
14-06-2024 08:33
Behavioral task
behavioral1
Sample
a8c192ec3e38e304cabc29983c517e5d_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a8c192ec3e38e304cabc29983c517e5d_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
a8c192ec3e38e304cabc29983c517e5d_JaffaCakes118.pdf
-
Size
17KB
-
MD5
a8c192ec3e38e304cabc29983c517e5d
-
SHA1
820f35eae5bc6c3a48b2b3766d2c7b14d19b0b99
-
SHA256
30fd186b8c1d89fde847fbf6129cc2c132a2b382a67ca960c3a894c064266bbe
-
SHA512
1639fb45a5fb814de6659aa6f200e2c70d2cf1cf4b95777cc22dac3c780f765b4e54d38dfdf78e3ac0574596f59c9fc0ad1daefa713016a54fec91d3de2b233a
-
SSDEEP
384:VzkkPkKuU/z1/Tpj3WyOXZyn+XgfXlJDDzurm9AJZagivj3qDAE0JAIKdxAbwNIQ:VzkkRuU/z1/d3WyWZy+wfzDHuK9AfbiI
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2456 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exe
pid process
2456 AcroRd32.exe
2456 AcroRd32.exe
2456 AcroRd32.exe
2456 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8c192ec3e38e304cabc29983c517e5d_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2456
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
a574a06f04e7a022f3527499914d0a65
SHA1
762f505002d2a754b350cc57d8dd0380b13834c5
SHA256
1fc4c27fa5f453b34973cef7a78dd30ae94bb76413d6c013f82710edd71c6f76
SHA512
89d24abbb8cc7d6f025e9a67d69a3ef547fcddafd564431f3978f91a92d682098403eb5e5cac90a9a04319b543be4e29c36a81059808153669944d560cd5a9dd