Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
04-07-2024 19:17
Behavioral task
behavioral1
Sample
25f3a7caf0c932caa3d4351bb6f80be3_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
25f3a7caf0c932caa3d4351bb6f80be3_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
25f3a7caf0c932caa3d4351bb6f80be3_JaffaCakes118.pdf
-
Size
9KB
-
MD5
25f3a7caf0c932caa3d4351bb6f80be3
-
SHA1
125ceaf8f17a4947a8cace22ed83e69dc63207da
-
SHA256
560dc2bb158238e7076ed703026f2b32758314a24adcb7cd47bf24570f7d29f7
-
SHA512
0b13c28a9eff7dfdfb3be23ad52bf98dcaea30a79ddd90c948fc52848a79a7b033a8760462788282662737121a81ac9c76a40ea0fcfb6928d277e654712965d6
-
SSDEEP
192:lPz4ULMxLIKXHsfyxTDdbgZi6kZpYiUrjEotle+DZ3Hzfor65BCjoRM95SEySoK0:lPz4ULMxLIKXHsfCTZbkegzlewzfmdkn
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2460 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2460 AcroRd32.exe
2460 AcroRd32.exe
2460 AcroRd32.exe
2460 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\25f3a7caf0c932caa3d4351bb6f80be3_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2460
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 943a47532ed6a35636f4c5247e26d36e
SHA1 2284b7fc23fbe6bd9ebd5f3eee07252dc3ae982b
SHA256 404ff4af7bb8fd71576584f9e7d432506c19e6c99cb6548d3f3e3628ade518d2
SHA512 e6baa9526767fe3bff5db85ae9113b741c038351e5a2ca63b213495577915a3d284b16d7a94431b151c1d2f3b0e6d19164c5ad5da0a67bcb7bdca19b3283fa31