Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
24-06-2024 09:06
Behavioral task
behavioral1
Sample
079c2996c3f4212f86735f63d04f1284_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
079c2996c3f4212f86735f63d04f1284_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
079c2996c3f4212f86735f63d04f1284_JaffaCakes118.pdf
-
Size
9KB
-
MD5
079c2996c3f4212f86735f63d04f1284
-
SHA1
857db9ae230254afc892a43c5e0a570cb7acac2d
-
SHA256
16885266cb7fcf7c17c07ed7f3b7418ff2bec935125b42d568027f82579a7ff9
-
SHA512
6cd0fdd8d14f5e7ea0c2603215a5f801f844cf25297cdf0c71b10b2057e5f07fcffd95fbb06ee9945d309064be7a6cf39a57d02b00a6dbba768bea34f001ce0e
-
SSDEEP
192:UPz4ULMxLIKXHszsl9hQJmDc7aQGTjDJWRtGh+XX2V4qX9clClm/XP2QZ1o52BlP:UPz4ULMxLIKXHsA9smDcaVWRtGMX0pNE
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid process
2596 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes: AcroRd32.exe
pid process
2596 AcroRd32.exe
2596 AcroRd32.exe
2596 AcroRd32.exe
2596 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\079c2996c3f4212f86735f63d04f1284_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2596
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
7c3e75c9daa3bf4d8001ebeb791a50a0
SHA1
e2189b6b1674e3f6e9cdbb60b895a93a90caad9c
SHA256
cb49bcfcb567f8980f1e944405b124185cba403d7adfb8921bea30d90ff1891f
SHA512
1135972aa6ba48d173edc40401c8265f15d8f9a496fc02e196941cd9799d8bed174343c0101652bfc65cc3f72a614e90191478206bc2445220e1104b1c415134