Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 06:08
Behavioral task
behavioral1
Sample
ad1d0496522b7501352e2a1bdb58b769_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ad1d0496522b7501352e2a1bdb58b769_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
ad1d0496522b7501352e2a1bdb58b769_JaffaCakes118.pdf
-
Size
43KB
-
MD5
ad1d0496522b7501352e2a1bdb58b769
-
SHA1
a8bd86c05ff7b57f47105395215a3f763e751bb9
-
SHA256
9802080621d61d1af2de1855eba78f9e1f15fb1c3faf0acadc1ac861b21e9937
-
SHA512
242944baceee1700687378bbef67ba9638f5716c807772a4e40dad10c2172d52f2c8e2baf13507165e2ad42cf9f83a591bb52876d17f21a3cf3c52966e269807
-
SSDEEP
768:+gGzpDyBVksi8qCKXxYUp4mQd7Mob+gyLBzw5lZZ7137hq34NMMbUaZ0F:7GFmkzgCBzox13s34aPaZ0F
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2292 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2292 AcroRd32.exe 2292 AcroRd32.exe 2292 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad1d0496522b7501352e2a1bdb58b769_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2292
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
8d6432f3b2670c400b9c3debfbbbd5cc
SHA1
3a50a9a4f275d86f35f5268500e6427a018bc8b4
SHA256
34eee839a21b8b46a7f16ff396aeba01cfd323ccfea8ef52e8d72c8117927246
SHA512
46092bcbfaa7def35414a7536974e10aa21936e65abc3944d9f818d682aea50d220cea89084a4aa147f08c72554283bf72e3339d81f92f96f530e2219c96e5f9