Analysis
-
max time kernel
119s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
16/06/2024, 23:11
Behavioral task
behavioral1
Sample
b5ae6dc8dc7d58ea49a29f1cd6d4ebe8_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
b5ae6dc8dc7d58ea49a29f1cd6d4ebe8_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
b5ae6dc8dc7d58ea49a29f1cd6d4ebe8_JaffaCakes118.pdf
-
Size
43KB
-
MD5
b5ae6dc8dc7d58ea49a29f1cd6d4ebe8
-
SHA1
10fa62a50149c998cd7f73ca087cedadfaa432b3
-
SHA256
10a4ead8354354fb3aa07a9fd271e697c270574fac11da8e9f25163acda1236b
-
SHA512
518497337d19586d83b58318c90bc5f0b5eeb1ae024499860126ddebfd3d08461b55f482e59ad26ddc81555d63d53b252fc62ff92f0bc95e7a417d9e2d187baa
-
SSDEEP
768:SXuMZmwgCLWaraE5HpxqB4DO5tGFCdtgP7OcZMPcaqYO70pKFtA/WIm+LGl1lYxJ:SXFZmGWS7jqB4DitGFCdCP7ObcaqF70L
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
3000 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
3000 AcroRd32.exe
3000 AcroRd32.exe
3000 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b5ae6dc8dc7d58ea49a29f1cd6d4ebe8_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3000
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
4e06cfdb3cace5b80e17f3411d5bc37e
-
SHA1
396cdc23177e749279fcb1976e2e992027647710
-
SHA256
b0eace8a385add97dc0f64e0c27f5acaeb0921c32c13c5ac73e97beb989632cc
-
SHA512
a77f02f84a473549e29766319f043ca3c1c8051f88367f16a0cd9dbb7e4505d1bf91c700ca7e6dde2e8a9b17e84c3da440346523ac57f983f74ac9f66b84e9d7