Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 07:04
Behavioral task
behavioral1
Sample
ad4179ec20bd0566efe8747ca838f609_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
ad4179ec20bd0566efe8747ca838f609_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
ad4179ec20bd0566efe8747ca838f609_JaffaCakes118.pdf
-
Size
17KB
-
MD5
ad4179ec20bd0566efe8747ca838f609
-
SHA1
7e5964fce6960e476a9f80aef946cdb47f21911c
-
SHA256
78dc06c1eeca144f523978d99c60c44441d2fb45f3d35f3d4941b91310e3d666
-
SHA512
d4202745a95d779f1e9220256a989d8ce3a63855062396b5b6f433db67fe956c75ed2f9f8c1d5f2997c31041bb3652b09347bff4733948968ade42f44b0ea97c
-
SSDEEP
384:VzgH/4bz1uSIoULc88U+cGdD3sU5qB5s3JFscz8H9XmiEdcXdddJDe/cxsrCB+vQ:VzQ/4bz1uSI9qi5qX41mXMdddE/CAcUQ
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2924 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2924 AcroRd32.exe 2924 AcroRd32.exe 2924 AcroRd32.exe 2924 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad4179ec20bd0566efe8747ca838f609_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2924
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 fd9205428463153fffc7c25c5faa148f
SHA1 1f4b50466f39ece80ca269502453e0a3528b769b
SHA256 9ce0f279b407c77ba52464dfa3e100f72fc2e1bf005369ae26549bca9856d081
SHA512 955016c3c4911f23595f134e6d1bee3f91bf13b686c0fb488f5b856f274e7e22f57fce9a1ab8a59388c3f042216619a65d1572e07fbff048f1ca93685251b20f