Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system -
submitted
22/07/2024, 19:13
Behavioral task
behavioral1
Sample
64724984a7cac8699d50d094ae7e39aa_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
64724984a7cac8699d50d094ae7e39aa_JaffaCakes118.pdf
Resource
win10v2004-20240709-en
General
-
Target
64724984a7cac8699d50d094ae7e39aa_JaffaCakes118.pdf
-
Size
45KB
-
MD5
64724984a7cac8699d50d094ae7e39aa
-
SHA1
3a114ab21d22d79d768d68d3bc072b3c45053a73
-
SHA256
766c7ae7532513ebe9c88ab9aa6267f50bb457d5cef716fe5b86bc79f920b123
-
SHA512
55e7caa2891a8e84fb62598bb9c09023fb0c23a87aee4b00cb0fb69d0c2ecbc95388a0653756595324f63f467e7921c4c58b732cd5e12612730226f5b934be69
-
SSDEEP
768:R5NFwAK11vIZSx/auAuSR/MtkvDn9zWYd1FFyPhAXzxIjOT:Rfmn11gZRUt2LzdzFypAIyT
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2392 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2392 AcroRd32.exe
2392 AcroRd32.exe
2392 AcroRd32.exe
2392 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\64724984a7cac8699d50d094ae7e39aa_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2392
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 474029ad4d415758cf996de7b77dbb15
SHA1 72071da24349bbf0df3b0d788ecb0a691ed3a511
SHA256 09456c3adf96e66b4cb60bd644d8ac74a8361a49126e26fc4e3527ccbd7e9676
SHA512 01925b314c46dcf5b1026ebbf5a06d167fa5b576e208f4fc5106278fea740742ee516d2cca8d1ff32b76fd7dedc0e934aa1cdfb980337836d07d79129d3afe6b