Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 06:53
Behavioral task
behavioral1
Sample
ad39f607f02bb0dd7012c220fae5da00_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ad39f607f02bb0dd7012c220fae5da00_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
ad39f607f02bb0dd7012c220fae5da00_JaffaCakes118.pdf
-
Size
41KB
-
MD5
ad39f607f02bb0dd7012c220fae5da00
-
SHA1
0fad57efd246d7336dde5169a279e6f148c85116
-
SHA256
591603e29a507399473e79888165b258a05133effa8cfd0fca26434e6d5f85b5
-
SHA512
6bf21304bd055e5cc756c680f4f8510fd3d6b7da410f154a1b227490b771e7fc949fe44ea28e0af8b0a32e97c0657de07221a4c8b40648692732f4b44a85727e
-
SSDEEP
768:c+XuMZmwgCLWar03UXdidfYx67fFGa5s0KTqIhO+8BpV1y6P3msuF:9XFZmGWS0kXdQfY6zFGa5s0KTqIhKpVU
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1252 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1252 AcroRd32.exe 1252 AcroRd32.exe 1252 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad39f607f02bb0dd7012c220fae5da00_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1252
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 984973e1a1fbe25e3c731b0858fe2898
SHA1 d4f7500ed2a54bc5b46ed3c9fa2f8636b92c8a30
SHA256 2a7d5e273d32aad6c75758106d3a6365eddf889c0476edcb2bc69ef5250e7bb4
SHA512 57929fe383fa7ab7d1367b8ddb9264b94f8e02113a4547d6902d327275dc827b230d20550203196db487492ca09fad51d185bbc4061e2e99422234753e286ce2