Analysis
max time kernel: 122s
max time network: 126s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 15-06-2024 06:22
Behavioral task: behavioral1
Sample: ad265b064093e19dc1e6c2218fe2be78_JaffaCakes118.pdf
Resource: win7-20240611-en

Behavioral task: behavioral2
Sample: ad265b064093e19dc1e6c2218fe2be78_JaffaCakes118.pdf
Resource: win10v2004-20240611-en
General
Target: ad265b064093e19dc1e6c2218fe2be78_JaffaCakes118.pdf
Size: 41KB
MD5: ad265b064093e19dc1e6c2218fe2be78
SHA1: bdfb1b651dc6a34bbb51035a26488885cef3b6dd
SHA256: b0d934a42b27b258bed565233a59c4b6e4c5fd33efec82e29bf907b35bbc4a78
SHA512: 605acbe869cec24c6d0a2ba1274625f2c1fe1933d23849706fb9acdf20c8d612636a80e6265ab0765711c99f1dfb66fb4e3a8bd5ef33012406a925746b3b947d
SSDEEP: 768:iD43JVx5CspLdj1Bwll+yaZWHEtVh1OrcTQi/zl+lCIoht9WBRsXOP5Hk0yZ3o1g:NAspnylldaSEtVHWcTH/zl+lCIoht9Ww
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
1808  AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
1808  AcroRd32.exe
1808  AcroRd32.exe
1808  AcroRd32.exe
Processes
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad265b064093e19dc1e6c2218fe2be78_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1808
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 1f3bf75a5c30f1fa0d2a91590bcab2ba
SHA1: 11d0a93a21bdb1761708f76ac77ee02911a87ba5
SHA256: b7c1b5b59e8134a0bf4ec23100b0e97520d19f270d6094cdf34046d9ed8d24df
SHA512: e16b081fcd43bf45f7804c1acb7eb84ee236ba8256b9ae8c51b5e12e7a07c5f60fb67d5bf19dd5853e8b62debceb91dcb37e918a511c71c046f23c5f2d5e95e7