Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
04-07-2024 18:55
Behavioral task
behavioral1
Sample
25e1544ed84e86ce54c364a8a7f62c54_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
25e1544ed84e86ce54c364a8a7f62c54_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
25e1544ed84e86ce54c364a8a7f62c54_JaffaCakes118.pdf
-
Size
17KB
-
MD5
25e1544ed84e86ce54c364a8a7f62c54
-
SHA1
15d41ea5f3942736cc39f0abad85c72d3fb3bb0e
-
SHA256
594e72af05cfc61089573399fcd4517f0744f4b2e2cd62c0124ccd1e69fcb7cc
-
SHA512
9fb2b9a366a434e407ca327c85bed252895a89e1ea86b5351aaaf1bf2e821cb928f2223b6ec99a7eda97150e6e7d61e37e14152e1ad4e52deb29985491530054
-
SSDEEP
384:pPV1tJmPYzafbckLLbUFYDxMDX5KZwowxZ74bnzXqKo5vHNZdPhbHvKVvGGYS:APlfwSXCzIZwowxZUbzXql5vHjdPhLvG
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid   Process
2168  AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid   Process
2168  AcroRd32.exe
2168  AcroRd32.exe
2168  AcroRd32.exe
2168  AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\25e1544ed84e86ce54c364a8a7f62c54_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2168
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
bea012889f7ab98fb7a6f45fd8cfce34
SHA1
9498234d3e03c474f15a1c5a84968472ccdb00b5
SHA256
25aee045efbd79da949594a31ff303078d2568c13850547c04f5a8617ad86273
SHA512
aa077d7488c32b9923d51ab465d4fa887f477ab7d1d1e18add1a626da5ecca8fa5a32cf4c5ddea1bf4dcce580349827a35ed64a7f07da3403874b5f7b193db5d