Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
24-06-2024 09:03
Behavioral task
behavioral1
Sample
0799a5d41d13a866f5a6e9da96b5a72d_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0799a5d41d13a866f5a6e9da96b5a72d_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
0799a5d41d13a866f5a6e9da96b5a72d_JaffaCakes118.pdf
-
Size
16KB
-
MD5
0799a5d41d13a866f5a6e9da96b5a72d
-
SHA1
73bcf6846d193d210e92c619d4b506ee085b07fd
-
SHA256
72306436ddeddcf04b62a3a348911064cf4b1a7714e1c7d1ac42c2bc3067e98c
-
SHA512
5f599a77dab78f81e872bba66f6376f2a95006ef5381303e38985ceacf9ebb063a87518b8998f5325fda2cc7359c18df956dc57e4b8f419dccaaeb882e62f0cf
-
SSDEEP
384:xPV1Ds+FJRosa1hY542gimcPRY8Gh3vVHBXO/nA9mDCgVg4LQlm0YLVcPGGYN:RpFfos1giSNtBXO/A9mDrLum/LVd
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2976 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exe
pid process
2976 AcroRd32.exe
2976 AcroRd32.exe
2976 AcroRd32.exe
2976 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0799a5d41d13a866f5a6e9da96b5a72d_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2976
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
c6bf808a30470f22a01247d2fa56045c
SHA1
a368a85f111bd149633e408c4e1c5f69bf592a66
SHA256
bcb3cd4f92504df1a000d71c3a5288754e7bff9173fdd32f38ec5c543c9dbb10
SHA512
1c1709e0f30eae5fa422cc4fe6831562d2c211857bc1fa8c03963ab44808042021fae4b80d6f70019cbb48acc9334b1242f64f42b718e0cfea994ae52f05d909