Analysis
max time kernel: 117s
max time network: 122s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
submitted: 15-06-2024 06:11
Behavioral task
behavioral1
Sample
ad1f960f6ab63e1a1f2a9b242cc43001_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ad1f960f6ab63e1a1f2a9b242cc43001_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
Target: ad1f960f6ab63e1a1f2a9b242cc43001_JaffaCakes118.pdf
Size: 42KB
MD5: ad1f960f6ab63e1a1f2a9b242cc43001
SHA1: 1fa1387308376982ab9d15391e78bb20684f29ae
SHA256: 496777670cab263a8577fa5bebcd86011f9f89c6b3e4d2aa793e50153f297a76
SHA512: 10363572f7a9468fa35096ee68487579ddb362c65b3b934fe899a230ee8eac46fb4f565aa50982e58f01ddc48e42929ebf72a2fd507d3290b7896d81c2e1e3be
SSDEEP: 768:1XuMZmwgCLWarDE5HpxWcw264L7sMuUd5UCkbDzblcNYEtGtY6qQnDiL/9sIE2IU:1XFZmGWSMjWcw264L7buUdqCkbfblcNL
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid Process
  2944 AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid Process
  2944 AcroRd32.exe
  2944 AcroRd32.exe
  2944 AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad1f960f6ab63e1a1f2a9b242cc43001_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2944
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: c7938c33044c2ff1fac073985cec3649
SHA1: 611406207b1d2e0212caf6518a4e57f3537a20a3
SHA256: 81823446646c526e89c79f6f9be75adbfd3069453836368e151f5fe22f452c18
SHA512: fc3cf4d6477bf5203af8631502cb174f0bb4c972741bec640e19f29921346846c833a55793939e4dcbe1d82c3771ce2c358cd5efe66f6c392f89e1740905d4a9