Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 24-06-2024 07:12
Behavioral task: behavioral1
Sample: 071ea84bd9cf4878a0296f000e4e7d3b_JaffaCakes118.pdf
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 071ea84bd9cf4878a0296f000e4e7d3b_JaffaCakes118.pdf
Resource: win10v2004-20240226-en
General
Target: 071ea84bd9cf4878a0296f000e4e7d3b_JaffaCakes118.pdf
Size: 9KB
MD5: 071ea84bd9cf4878a0296f000e4e7d3b
SHA1: d1029b20eedc8bdc073672bc979c6c5f60ce26a0
SHA256: fdb6ec73bfa93277085364277da3e2c7a255001e42448290dbec41e6c1c37787
SHA512: 8b52763ef55bf55eeb4bf14a35a3bf1b28b3e34078531f6bc0840fa481efc791676dd1bb9fb69ee673a28a1db784941eaa8481aa5b70ca0ba0c5991d7164ea68
SSDEEP: 192:iPz4ULMxLIKXHszslf+6ahM4Pm2IkGlsyoCBP6ERTAWBqAB5UO8ooG/lkMIXTkCw:iPz4ULMxLIKXHsAl+6emUGujqPRuwB5r
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid   process
3064  AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
Processes: AcroRd32.exe
pid   process
3064  AcroRd32.exe
3064  AcroRd32.exe
3064  AcroRd32.exe
3064  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\071ea84bd9cf4878a0296f000e4e7d3b_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 3064
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 4e5e03b2aeb5bf860adead859e726a07
SHA1: 5ac9438ac1dc85cc9159ef5e199ae5bfc051a4ac
SHA256: 8e2be4a5ac7b566f1167c4aa27d6c130063c9c6e2a1238e80dbda5a696975086
SHA512: c362c5b3b6c05f8ecb925e0574605f543841602b5f015471d00afdc64b19f328150f21fb4e78603019945a9c369da9d6d3a6b1ee0ddca82fcf53c702ee33f7fc