Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 05:39
Behavioral task
behavioral1
Sample
ad0815413da9b7e9f5daa3405492cf30_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ad0815413da9b7e9f5daa3405492cf30_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
ad0815413da9b7e9f5daa3405492cf30_JaffaCakes118.pdf
-
Size
34KB
-
MD5
ad0815413da9b7e9f5daa3405492cf30
-
SHA1
af58970a63f12d384bf70ffb7f23cb053cdf7330
-
SHA256
06cbf7923a71bdf5699a289d56c667adf7d11ace37756cf09bade82c237b0e14
-
SHA512
dc39a7a30b50e229b87bdb8dbd4b6e38da59922b2eb15675e1ca16433d5a428007ce45345c1b9602af28d2dae7cad5d4909d1d2df4024a0563218e2aedb5e478
-
SSDEEP
768:Z4ShWxb00MlVrJ6XV7bN6W/+QINh8sdvoK7LHA6gTg1BxKB3U4ezWhFBWrGTLHzi:ZhWxb00Ml16syNEiA4/+f
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1180 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1180 AcroRd32.exe 1180 AcroRd32.exe 1180 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad0815413da9b7e9f5daa3405492cf30_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1180
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 0c281f9e8d5692f88fcd2ed83dd4b0e5
SHA1 fb227066b98029447aa495691f35a811ea1cce06
SHA256 9cf9dc3af476f166c80ee903039cfb66b829ab0bffabcb74ff0123fea165a0fa
SHA512 7866b6154e97f334b9e531aa24df758d71fb77954206f0bca5f88aa99b76b7e5a6afb21f06dfd916c5f285071f34eb5ba885ec20a8c74d7e803fc58ee087a4de