Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 07:17
Behavioral task
behavioral1
Sample
ad4bbe1da8dbdbffad173c189384b19d_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ad4bbe1da8dbdbffad173c189384b19d_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
ad4bbe1da8dbdbffad173c189384b19d_JaffaCakes118.pdf
-
Size
46KB
-
MD5
ad4bbe1da8dbdbffad173c189384b19d
-
SHA1
3d9eb03bb5a6752873636aa606537657e1b474c7
-
SHA256
68a8ea01037ae623b3811efa7979242217482b2982772470bbd6a41b54384caa
-
SHA512
6919291ed88c4ff7fbfcd586dc0efbd66a83829380dc0024d51807c23cb804327b43afe903cc5e6e0f6328d3b068e4fd15562addcb94af71af6ec9f42acb8da2
-
SSDEEP
768:KgGzpD93umtU4KktwW3lgC7/j9oEdVNlDDVSfTFZIArXdACQ0mJm1r6n:XGF53hxBV4fTXrXdiW1r6n
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid   Process
2456  AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid   Process
2456  AcroRd32.exe
2456  AcroRd32.exe
2456  AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad4bbe1da8dbdbffad173c189384b19d_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2456
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 416e6a583e6d1236cdf1dea8df453929
SHA1 9b1b22bfe3eedf800cd5085ab4040ab714a1c798
SHA256 540b45673f945bd602f60358176ae22caa62accea7fd7dd1aefab0eb39913e20
SHA512 f79d868ad4a15041d5a152d2d0d38102a45f89012fc3664e513736ee6b75d6b33b5a3bdf9991353d5c421b8ff4140ae2096ca3c24590542c29fd48b710a94655