Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 06:32
Behavioral task
behavioral1
Sample
ad2eb720225d173911002c712480314b_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
ad2eb720225d173911002c712480314b_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
ad2eb720225d173911002c712480314b_JaffaCakes118.pdf
-
Size
353KB
-
MD5
ad2eb720225d173911002c712480314b
-
SHA1
840ef5743ab5a9e60d12842a39999fa327cbd41f
-
SHA256
babc7893e4dca7c717fdeb0d1c52a644737c1732d90b7bea3ddb1dd7774874c3
-
SHA512
9767f4baf4863b08f93279dbfc1fe4f7256df0714ebda15d5711e3b6297995dfbf74a3abdd686af90487488702c3f43922e3aa84e62e54580e562da079589fda
-
SSDEEP
6144:O1CCAWVOebZ9RrN2D5IMabZxVuyYVcAn42HUxTlHGCrmXPF:O1th9PB2DKxx0cAn4207VrmXPF
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2148 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2148 AcroRd32.exe
2148 AcroRd32.exe
2148 AcroRd32.exe
2148 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad2eb720225d173911002c712480314b_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2148
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
8dca4e50891d79f0864bebcbc587bdd2
SHA1
2bb48fd046f75c4a0c4fbee5d3698e136cafa6dd
SHA256
6448cf957d1438c5c8dd156c61ee5bf161ee4fa7b1ade224e474571fc6aa0589
SHA512
e9e40d132ed2964e6e187a964a24b62edf2c6b4ff3cb2b92680955b7c97990a4fd7afca0a786c4e024e80d101f12b163e602a9525779bde92b270c63f3b6ef19