Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 07:02
Behavioral task
behavioral1
Sample
ad40c678141b58f5086fa8e322fdde0f_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
ad40c678141b58f5086fa8e322fdde0f_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
ad40c678141b58f5086fa8e322fdde0f_JaffaCakes118.pdf
-
Size
36KB
-
MD5
ad40c678141b58f5086fa8e322fdde0f
-
SHA1
ade69a56ce60540fc525c064c1f6f1053ebf63a6
-
SHA256
e819faad8d83df05c4994fa71cbc6f48150599bf5226fdef9668e5fc8c3540c9
-
SHA512
b68b88c81ead5825f5ef09b7a17164775a822ee1ec636566c24abf1673c8a14c0e4e6b13e8323cbf1690792f173916e43588de57f2a2182c1f0e2d3c8af84174
-
SSDEEP
768:HtLYJyRWYN/frfDThMtT3/jxXgKyfBZXfURZgaJm6b1r44:HtLyK/zfvmtT3/9XXyfTKVm644
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2352 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2352 AcroRd32.exe
2352 AcroRd32.exe
2352 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad40c678141b58f5086fa8e322fdde0f_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2352
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 4d3e8a60ad69d454fadb03fcf265eb58
SHA1 320d93dc8163d0309ebb8826c2f5bac085f0ac5a
SHA256 6f5168f8188061c6cf337c9ac21ed1537ea6292b70880fd4e2cf20ad620e75a7
SHA512 b41fc86ae181544f7c682318d570511b9b7dd68528c6ca4a6702c6d18542e82d03c6b6220fd7a1c897bd56fb0d63be766be472ee817e539c17395eaf4b5b1922