Analysis
-
max time kernel
119s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 06:24
Behavioral task
behavioral1
Sample
ad282a233301e3803b2b55dea807428f_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ad282a233301e3803b2b55dea807428f_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
ad282a233301e3803b2b55dea807428f_JaffaCakes118.pdf
-
Size
45KB
-
MD5
ad282a233301e3803b2b55dea807428f
-
SHA1
cf318b5544ead1296da865c6fdd8af36eb617436
-
SHA256
c6d88bcc0855003fd8c184e6eae2fc8a4905472aafb19ca9561f683aad498ea6
-
SHA512
0da0c39ca75af6ef883428a6703784cab4191e8baac539d06ab79073b8a44dc7cb7eece47a5990c86e53c779546716cf8750f18b3deec9dde857ecb085f7a385
-
SSDEEP
768:fgGzpDr44lXpJhahICMBMKyZd+TTJ0WLBm7oFd5l917g7hwU0VuAS4Q/M4SPLE:oGFX8If2KK+J03767YH0VuAdsM4KE
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 3020 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 3020 AcroRd32.exe 3020 AcroRd32.exe 3020 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad282a233301e3803b2b55dea807428f_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3020
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 c083332b8e391cbaa895d42f0f79a538
SHA1 dc59ee592602e9aaabfa67227fc204171bc3cb5e
SHA256 2f2ecf84767f5a988d6b8418f6e864aff03902cebbfdcbbe73bd687cd2a87fff
SHA512 fff421daeee2dc3ad9fec19c22b79d11b4d6634414caf38a4ec9996997ac1d193c67fd9112d1879af4f6ccc607318ea07bb9d31c0ab34fbdde0c8f8148e0406c