Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
24-06-2024 01:49
Behavioral task
behavioral1
Sample
06fd680914fc0b1cdc4763a41ae1180c_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
06fd680914fc0b1cdc4763a41ae1180c_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
06fd680914fc0b1cdc4763a41ae1180c_JaffaCakes118.pdf
-
Size
9KB
-
MD5
06fd680914fc0b1cdc4763a41ae1180c
-
SHA1
0f526af731d561ecea5f8d1e6b2398493c165c07
-
SHA256
e9b211be77faa021b95a9c50d8be52019657de140c13b9cb447d5a3bcf114ebe
-
SHA512
a8e19bfb50442af887cbb9594bf85fe10ab40fc84bf1590bcd4c5063d2d45b8b72d0844974e4a0f0ef8ac860e2c3c99dae714bea16662aa189118659b4e7ccad
-
SSDEEP
192:pPz4ULMxLIKXHszsVz3Kw0zbK8RL3eyeTUnulwgcHKSNsHki7rUpd/3NjxlfVLPQ:pPz4ULMxLIKXHsAVDE3RLB4UuCgcHKLp
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2072 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exepid process 2072 AcroRd32.exe 2072 AcroRd32.exe 2072 AcroRd32.exe 2072 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\06fd680914fc0b1cdc4763a41ae1180c_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2072
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD58f5bc6a016042f135cb37fe6df274694
SHA181d2fae1612d1bd53d7bc8966facbb675dfd5c47
SHA256284eded0aeb792394ba1b0c13800690afbca976c972b415347c58d7c30271622
SHA512621542e7c9a43edd67dd7c8cc7e3a36cc13d13ecbbe2d0cf47b811b0e949e1fc5df603c1d8b6fcf7933363f65b179e0b0ef4e5c77331fb486a2c9e66dc945958