Analysis
max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted
04/04/2024, 18:06
Behavioral task
behavioral1
Sample
bf2286dbb9847051114512a9189b7c5a_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bf2286dbb9847051114512a9189b7c5a_JaffaCakes118.pdf
Resource
win10v2004-20240319-en
General
Target
bf2286dbb9847051114512a9189b7c5a_JaffaCakes118.pdf
Size
82KB
MD5
bf2286dbb9847051114512a9189b7c5a
SHA1
a53e1d9ff3cf86d515f1a4d3927e46ff6401936d
SHA256
5a79d6b80476e880fcfd00fab51c21feda15e0284692d936cc6df014daf2ee2b
SHA512
084a6b432c874a00a8e840cd8e45b55f36a6b6c2b0580a1071c6704cca941c49b8cb4eb071b526bbbfad5297bd65c7682951ef120c7da5e9b7fe242e34af3275
SSDEEP
1536:MydE1S+KZsLEsIgklZWT9/w2X39kEqubc3uQMyXfR3QQbEWQFvR/tw1WOpOwr0Yy:jf3cIrZ8NX394uQMsfxm/twywr0fHZMu
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
1976 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
1976 AcroRd32.exe
1976 AcroRd32.exe
1976 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bf2286dbb9847051114512a9189b7c5a_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1976
Network
MITRE ATT&CK Matrix
Downloads
Filesize
3KB
MD5
9d8f0c92b397ec59812428d8b6cbe9d9
SHA1
fc36699940de0c23a6800de66466b4fecbd10832
SHA256
b4844b9d7a9fcfe49d3b5dbb961576b1ecd03bb18bfe55ab73122f116d349f06
SHA512
279c413b793be9accafbf0a4638437b47919c01d8434ca5d71d80e2d751a0bca5482886a724e5996b54393b471e8046c5c57f40afab0190be40270c7068011d7