Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
17/06/2024, 05:00
Behavioral task
behavioral1
Sample
b6e2618888d2ec3a16ef8c80b1fe34f5_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
b6e2618888d2ec3a16ef8c80b1fe34f5_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
b6e2618888d2ec3a16ef8c80b1fe34f5_JaffaCakes118.pdf
-
Size
65KB
-
MD5
b6e2618888d2ec3a16ef8c80b1fe34f5
-
SHA1
6aef7bb0181ca3ea2bfd9e07e4967571b3fb3554
-
SHA256
842a97450eefa31fa379b51c2e6b4c9aa7c3647de5e765708a75c3e766ff0bbb
-
SHA512
1705350a9205f0836324d79a1e8122ac96f9affd2a150c128a23d0ff49784cfa6ac232905c4221f224f501c970a3bf9b0ea043cdc12ff4da6674a712e5e64cc0
-
SSDEEP
1536:bGFO4ED0svq2sh6c3IRAg9iDRb9GeRbFcutIXX1FHhZj:6FO4EXvq2sh6c3INMtBBRp7tiHb
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
1680 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
1680 AcroRd32.exe
1680 AcroRd32.exe
1680 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b6e2618888d2ec3a16ef8c80b1fe34f5_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1680
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 bae1a5570fcc6a447e6eee8bb8a7420f
SHA1 55c9b21c0cc8a572dc8c1512d38fafc5f575f252
SHA256 8e09949a91d582ddb4b44f9667a29208d9985a510af43a0c1d981866d92e476d
SHA512 f2e7c4a5a869c0cf08eb9f6de2759896a500a872ea12cb60976a9313f1af7c90e1c97af8f5c355a666ced04492036206e6238fe9ae5c280e621ea4403600f99e