Analysis
- max time kernel: 121s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240705-en
- resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
- submitted: 10-07-2024 21:07
Behavioral task: behavioral1
- Sample: 3662528e25cb0d8297b8e48d4ddcffae_JaffaCakes118.pdf
- Resource: win7-20240705-en
Behavioral task: behavioral2
- Sample: 3662528e25cb0d8297b8e48d4ddcffae_JaffaCakes118.pdf
- Resource: win10v2004-20240709-en
General
- Target: 3662528e25cb0d8297b8e48d4ddcffae_JaffaCakes118.pdf
- Size: 373KB
- MD5: 3662528e25cb0d8297b8e48d4ddcffae
- SHA1: b66e6ef394500259c763697186e402b7b806ff67
- SHA256: 47ed31b6652c5733c9aa80099c29a249a2d0cf15ac74d96e35634da71dec0299
- SHA512: 5fec1b8071dcbdc5744d51ee638af4e9ec0aff125e91335d1856f651aa086147d7a7bae84dcca18373d3aed24d6874a120cd5e7aa7de1b20c281964620c6f8a6
- SSDEEP: 6144:WnVtc8651tETfmFTYhbfN5Vwzn0UzbgcB8wlxsnaWfYtguSvDPOrJ5S1jEuwygk:Wm51tKmFA5ivQK8ybgYtLSvDWrJ58EFK
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid  process
  588  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid  process
  588  AcroRd32.exe
  588  AcroRd32.exe
  588  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3662528e25cb0d8297b8e48d4ddcffae_JaffaCakes118.pdf"
  PID: 588
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: 9f2e91b5af6b74cf866b81a644f41294
- SHA1: 05ee3fd90ca20d107cc2f38c1ae0226d7b4f4f4c
- SHA256: 3256bda6eda36df5316fbd6ee06bdaff924c3fc5d3d9918b3cd8bea0192f975a
- SHA512: 1521246bfc5dbfbac82aa6bdb820ef5a9d793d467cee6f73b96d15149fc1cdac9577258005a9bcbddb6f0ddf2a8b84bdab16a1dd1895a448624e1e650e9bff84