Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24-06-2024 12:19
Behavioral task
behavioral1
Sample
0875d0c89622f12180a542ecb40349df_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0875d0c89622f12180a542ecb40349df_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
0875d0c89622f12180a542ecb40349df_JaffaCakes118.pdf
-
Size
9KB
-
MD5
0875d0c89622f12180a542ecb40349df
-
SHA1
762958d4567982a300ee0e561932a7efdcb1dbcd
-
SHA256
e705f788d60ff3c9a81aae0264797dc8c4f30dd476765d95a8734406db3d3087
-
SHA512
f136d4a69ab49ae782401cb105562e6c0fb338d80329067ce0d25127a7419e1af54520243b24045b3b7be852a3a33d520ba26033bc85d06c32b1a4e0f1736278
-
SSDEEP
192:QPz4ULMxLIKXHsfyxczIvDarj29VOTn8iWF6mSa8rkTv0LJEq1I5kCz:QPz4ULMxLIKXHsfCcMvpVOT8iPVrkj/H
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2916 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exepid process 2916 AcroRd32.exe 2916 AcroRd32.exe 2916 AcroRd32.exe 2916 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0875d0c89622f12180a542ecb40349df_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2916
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5a058946b0079d7d500b1985b47da8184
SHA1bd98f63af6056ffc199449a802548de08433658f
SHA25692f85a7e17f011e534e352667cf77c8e43b753d1818918f14867909390914f9f
SHA51219aef76d8edd4de0787de07519aa9c4ee4b6d6158e7ed130df56bf776f17da088e2f923aab7f4bcf9d604f5f291adfe8a6200f9af069b93c48b10a4565811fa9