Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system -
submitted
19/07/2024, 01:22
Behavioral task
behavioral1
Sample
59e322c307e8f615fe45a78a94aa57b3_JaffaCakes118.pdf
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
59e322c307e8f615fe45a78a94aa57b3_JaffaCakes118.pdf
Resource
win10v2004-20240709-en
General
-
Target
59e322c307e8f615fe45a78a94aa57b3_JaffaCakes118.pdf
-
Size
168KB
-
MD5
59e322c307e8f615fe45a78a94aa57b3
-
SHA1
da15778e381bb3f02d5e2022255833e4ef2e763e
-
SHA256
32ca5ea3bd1b3015689e8a7a2f42d31c0e53eb775da0421ff17d6718dc412e02
-
SHA512
e2d9645c2eb30d4698b196be7bf8ae0f87e0b2de93ed4151875fd87dbe657fe07c6109162cb24dd32efdab716d44cc7508e7c40ab3ffd4475625d83da6b7bdce
-
SSDEEP
3072:5UnSFkxOmYt95coQMhv4ktA//Gv0CSxySb0DFV43lDZKxqQfQUWodKB:5pqnYfMMhds/GvCxv0xV43lDuqSQzr
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1208 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1208 AcroRd32.exe 1208 AcroRd32.exe 1208 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\59e322c307e8f615fe45a78a94aa57b3_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1208
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
6d21d1b38ebe70220b402b09df0ef095
SHA1
daa06892055a82db3864ec7e9acb9d4fa14353ef
SHA256
28907030cea8d11b8103a6181ce5fea9e1ad7f6364fdeb54e455cd9ccdcc48e0
SHA512
2923277e0d8e9e899b518b7e43718097d9cc3733909f37772065c75d8e4b465f8513d880090d1f724dd2c4b74d346f6b056f6ddf48af8d6ed563da70127651c3