Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
15-06-2024 07:05
Behavioral task
behavioral1
Sample
ad42375cd919ecf1d367dac99469ab93_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
ad42375cd919ecf1d367dac99469ab93_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
ad42375cd919ecf1d367dac99469ab93_JaffaCakes118.pdf
-
Size
18KB
-
MD5
ad42375cd919ecf1d367dac99469ab93
-
SHA1
6e137e42aa002b4cafbeddfaf87761ccd65747f3
-
SHA256
d1ef62447a6c2a993bbe82b9788adf594ec7fa7235d08d187e25a37966343e37
-
SHA512
da15b81a40455cd237e0bf3e51d5a04899a16143551c0929da29a2fd38d4f98efcf2aeab2db3b9ce5e3ca424fa782259336547796b28587a2df2808030cf0d26
-
SSDEEP
384:VzV12z19c/II9kjFovklokNp3ur9ytdutCdCjL3cWhnSQ7dWqiTSl8X5lsQ86L:VzV12z19c/II9UFo+Bp3ur9ytdutCdC2
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
1372 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
1372 AcroRd32.exe
1372 AcroRd32.exe
1372 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad42375cd919ecf1d367dac99469ab93_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1372
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
-
MD5
645e5e05bfe7e514d756e1cf9849726f
-
SHA1
0c31f373d7d823d0b55d1fecd5a447182416ab29
-
SHA256
9a3f5d526fbd59c9a851b0c1977b2a801ca1aaa28ef386adf366dfc53d837b30
-
SHA512
33170215360d5dafe982a8493fa7c0dbbed66777b4e77ba1c570351aafeefc1577c6ce23e335a0920fcd907b52b127904730489fb2c112a2fc7a7b7cd841a783