Analysis
max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240220-en
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
submitted
24-06-2024 08:07
Behavioral task
behavioral1
Sample
075bda6c0444181903212a6bd21249fc_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
075bda6c0444181903212a6bd21249fc_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
Target
075bda6c0444181903212a6bd21249fc_JaffaCakes118.pdf
Size
7KB
MD5
075bda6c0444181903212a6bd21249fc
SHA1
e11cf097e4f9f025c12f7c4d00849e5fcb5df7fe
SHA256
badd8f2fcdd367f285cd760c4a9247df12367dc261cc3100e2d9891f9cbe71ba
SHA512
ad09a5a1ba3fb1c4cc77a357ac650bb0770c9dca491ee19f6ff19f97ab19effabeada24b0f82d45775bea1ebc04c499d327e1d1e08c9823fb08a35597f8ac7c7
SSDEEP
192:cP5ufkq1kZAHO0WZuqcSNjI5A2DUt59BYz:cP5ufkq1kKHOT5j34UtLBYz
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid   process
3028  AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
Processes: AcroRd32.exe
pid   process
3028  AcroRd32.exe
3028  AcroRd32.exe
3028  AcroRd32.exe
3028  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\075bda6c0444181903212a6bd21249fc_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3028
Network
MITRE ATT&CK Matrix
Downloads
Filesize
3KB
MD5
47586b7605f5ae4e17bdcac49aa86dd7
SHA1
401ba723a2d32bc536014bfffbaaf7675f942ed8
SHA256
407688b2d3efbdb1ff83966598f1df38d40a9f4df2371579a493b41c56c2d9e4
SHA512
8b5bd0959bcbb599dc01cd386765001b22ae3e56e207630e88c059813dae3f39bc00747056a3f143c1da4061e24874977f9333ef0b2ef05e56e5a25faa091f60