Analysis
max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
14-06-2024 08:38
Behavioral task
behavioral1
Sample
a8c51c96f16c424212d16b4be84d6f1d_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a8c51c96f16c424212d16b4be84d6f1d_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
a8c51c96f16c424212d16b4be84d6f1d_JaffaCakes118.pdf
-
Size
41KB
-
MD5
a8c51c96f16c424212d16b4be84d6f1d
-
SHA1
58a60e5874dd1a2532a3a65a426f404d293503f7
-
SHA256
937ada0fc3c7b2cf8c5b5ca3d957ceef789e082c4185175014ddcd4aa9586a48
-
SHA512
3801cb1e760d6fbbc22d0772f2293d116613c24abd8f96b6d4f43ca1b1664f7ecc70a793c1728778371aef6e03d4cc05b1a2caff78bcc3473c6f4fd8af1d3201
-
SSDEEP
768:tgGzpDyBVksi84+37kq2PsAlezY7U0qDBW2Kuj4ZyBUyxN76X4a2X1e+W:OGFmPlBW2t4Z8UyxNo4/1e+W
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2924 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2924 AcroRd32.exe
2924 AcroRd32.exe
2924 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a8c51c96f16c424212d16b4be84d6f1d_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2924
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 75f574636623bf681f6e066b4f8afcb7
SHA1 0db42ad3447c293c7d9c5597f4dfb972e282f443
SHA256 df932bf59a24537ae40773587e60259f23a3d1a96846ab9f981400e509309e55
SHA512 1eafa33c4ad7dee4ae0031da4515478e212abf1ca69862669cfd0557f6dd71a3023bca405b4ff2ace4fba1df5496b732133f26b30599e81558e73d421edc90a6