Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 06:44
Behavioral task
behavioral1
Sample
ad367ef90a126096cc355ae84dff45da_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ad367ef90a126096cc355ae84dff45da_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
ad367ef90a126096cc355ae84dff45da_JaffaCakes118.pdf
-
Size
47KB
-
MD5
ad367ef90a126096cc355ae84dff45da
-
SHA1
6fc0975e524fa4afb8c04f80277e8d1d33921c43
-
SHA256
9db5bf8de6273860f58163338162cb93c324e101c4d5ca83a78ee00498582477
-
SHA512
a91ddd181d1ee6998c63fee4deda253ede09dabb2252e391fe3f3652ec667bd13a79a8eebd70d1c9551a430c52728145c894702c84436e6848269cd0c4360e09
-
SSDEEP
768:TgGzpDSo+DnGjpZHQbDig20BQAg89v8YyUQlO1Bmf3XUGHU44qsXrmL/L6:sGFOVQd89OAmfHUGv4TmL/L6
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2072 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2072 AcroRd32.exe
2072 AcroRd32.exe
2072 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad367ef90a126096cc355ae84dff45da_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2072
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 68feaf132e0bf1417a36a4949aba4560
SHA1 e9ce329e31a5e1f59f455828c395243e4e52866b
SHA256 9baeffb542a2ae120972dc141b048bd09ba18dee69a931ecf24f561066243416
SHA512 9268133c714adc2818b7219e14b0aae03679548836092977acd43eafcaa903c625fc5ecfe38839cbf941a720b5303775734f3c8192272219217c20dff1571b1d