Analysis
max time kernel: 122s
max time network: 124s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 10/07/2024, 10:30
Behavioral task: behavioral1
Sample: 345b7043f510cee1d69e73317fa5c345_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 345b7043f510cee1d69e73317fa5c345_JaffaCakes118.pdf
Resource: win10v2004-20240709-en
General
Target: 345b7043f510cee1d69e73317fa5c345_JaffaCakes118.pdf
Size: 91KB
MD5: 345b7043f510cee1d69e73317fa5c345
SHA1: 109b19676e1c5f4b31706eab77c1e007ccadada0
SHA256: a6101ea21d080e1be3e387a79cdcb80cab9a13f122c2ae6c09608443e349a4a6
SHA512: 932eeb7111fae32779ade6d052e6024651354d639bedc7a8138e4494f4a912def1c14ad2ed5dc881ea467b380e17222852b1037c0fe9cb628e5956cdebaa6cad
SSDEEP: 1536:3pDtFUBJzlpZRvLjIoVUQp1Kj7kK6lIt47mufNGW6pOu23EsXim0WHNE/dydP:j+ZRvXOk4j72+aLu2UKDW/dS
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 1344, process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 1344, process: AcroRd32.exe
pid: 1344, process: AcroRd32.exe
pid: 1344, process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\345b7043f510cee1d69e73317fa5c345_JaffaCakes118.pdf"
PID: 1344
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 9e2866d2e8427489e3776a8d845f8e34
SHA1: 5a61cacd5e7ea524889a573d9a9a6bbe6f68ecdd
SHA256: 776c50ac00ec3afe0ceb44d265b1a188791e745468d3367d8812cab14ee6d801
SHA512: 636faaff8214f55df1ce2bf96def3cbaa974c91887e039b0b14171ed623f28613a5b5f09b754096b3978795b9a9d6f5a60e706108d458c0bee4019440bf6766e