Analysis
max time kernel: 119s
max time network: 123s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
submitted: 15-06-2024 06:57
Behavioral task
behavioral1
Sample
ad3c2e5c9581848a12ffcdb9725c9102_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ad3c2e5c9581848a12ffcdb9725c9102_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
Target: ad3c2e5c9581848a12ffcdb9725c9102_JaffaCakes118.pdf
Size: 53KB
MD5: ad3c2e5c9581848a12ffcdb9725c9102
SHA1: 09f897e865df1f22822488f1ba193a63c76630f2
SHA256: 2830fe09583f7666e68d60b3d84c57c79ad25127eec4c516d507a18bf5b3d4f1
SHA512: ef1ef7715d821c60329d3f781e0618de73c93cc1f34a04047842096b1021f0df905cdcd5f75b6d5fc9906b406d3b9d949bb1e4dae8101019a849e6d722124b89
SSDEEP: 1536:4GFLEikTS1NBfpVSCUvIaXu17ejid5r3La:VFLEvu1JVHUvv4yjk5r+
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 2852, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid 2852, process AcroRd32.exe
pid 2852, process AcroRd32.exe
pid 2852, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad3c2e5c9581848a12ffcdb9725c9102_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2852
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 91afc1e9db0a5adbb075b03d056c3ec3
SHA1: 4d0b98bc81839f8a3ba446c6cbfe32e6b73b0e1f
SHA256: 47b481a3dfe815a626bb1b3b871f207b3ce5adf4b41ffe2fa853e9424764efa8
SHA512: 7e6b842a43c6b4801f6c76cadd5b3b0b8de24f2b8752d581e3576c63648f456eabbcafddca78365b5de60df295943273caf75580480dbfd9f63c0431e7ffa613