Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 05:47
Behavioral task
behavioral1
Sample
ad0d5aa622fe7f04f9a6f3aa4c373b68_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ad0d5aa622fe7f04f9a6f3aa4c373b68_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
ad0d5aa622fe7f04f9a6f3aa4c373b68_JaffaCakes118.pdf
-
Size
53KB
-
MD5
ad0d5aa622fe7f04f9a6f3aa4c373b68
-
SHA1
a748e8a93786f791b5e7b54e2c810e745c4821fe
-
SHA256
93112fc38b921f5057c9e08f83545f4c14d82b2140d700059f04fe230187f201
-
SHA512
4e4ca610b31f16d1e19bb6d341fdbb71bd88ff8cc8573f101d89ac7e87f021054e5af07d7249bead81e862914217a2cff571123efe828f13de47a8f4774abf41
-
SSDEEP
768:/gGzpDyBVksi8kJwvDEL1On/gJhTfh4ERn9svv74EYJjmirXKxcbbWvEjXh+UpZD:IGFmoTRn9s8Eu3bbWvLpN5AXyKFyzyE8
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2080 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2080 AcroRd32.exe
2080 AcroRd32.exe
2080 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad0d5aa622fe7f04f9a6f3aa4c373b68_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2080
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
2e6cecb4204ece268c01b5b59188a02e
SHA1
831e4f9dc534a24989fe92ee83bd7952ee9db01b
SHA256
7e6bcbe26846aa96b7c2c1a40d464c680eafba07508ffbbb96584f9fc7b172b2
SHA512
9bdc608a8b44b669ee513fbabc66d4c191ad288be70277c1e2a18bf157f9120e45a78dab3b7dc6a111ab6846920480d0bed9b1019909d780609fa70255c11471