Analysis
-
max time kernel
122s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 06:57
Behavioral task
behavioral1
Sample
ad3c1c7b206716641e50c5e999b0d536_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ad3c1c7b206716641e50c5e999b0d536_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
ad3c1c7b206716641e50c5e999b0d536_JaffaCakes118.pdf
-
Size
74KB
-
MD5
ad3c1c7b206716641e50c5e999b0d536
-
SHA1
33b3fbd4ddfc0889cd31ef996ea5f2b57aa66093
-
SHA256
9894009577311684d15b3e45f75c24317d3389560beca3bcad78d6833850cf57
-
SHA512
c98161295a7cf809ad3fac6c4ab25e2944a09bd6c8f405a0cf6ac2a5452b3ad8823c88e17e833d6c5d7e36e58241b0e50ddd963983d5218f5a007016dc753363
-
SSDEEP
1536:NGFSArFe8y4v4Iy9EQbfxObHHWRHdDe35:QFS2FfyDEQNOzHWR9D6
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2928 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2928 AcroRd32.exe 2928 AcroRd32.exe 2928 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad3c1c7b206716641e50c5e999b0d536_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2928
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
5fe557597ea5a03f1371c35c659f3dca
SHA1
352d80b8296bac04891f74589330c471567cd624
SHA256
82cccf5e00965af887748bba0f122b6dd4d013d3b3467352d3eb9730e4b9bc37
SHA512
f5032e662b224ae039fff10891c8aded6b3f8cc2cde2ed50fbbb210defbacf44689dd9e7b21397cac92cc4d7df23d430da700c2af4b6912e5bcd29ee21b29814