Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
05-04-2024 05:28
Behavioral task
behavioral1
Sample
cc1df5da386a0767885b5083c2545ebc_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
cc1df5da386a0767885b5083c2545ebc_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
cc1df5da386a0767885b5083c2545ebc_JaffaCakes118.pdf
-
Size
79KB
-
MD5
cc1df5da386a0767885b5083c2545ebc
-
SHA1
1f655462d0a5bf22d12583a63c61f0e0d562675f
-
SHA256
e4237b4fcfde4212452772545d6e0b6b772afe4bf576a1699f66a1995de482c9
-
SHA512
9690101e61ef8dc5e4dfc7653041c3901735d89b3ddb60b792e14243b30252cc7f1db890da79acc5e5162bee98031a6cb7a3f08ad918b179bb7a5065ca25dc15
-
SSDEEP
1536:hcx9JLng8/lu2BOlDTSJl47YWGpOKCWP3C814rMrKOzmY3aY7Jvr:o3LngV2YJTV7tKkABzxqY7Z
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1764 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1764 AcroRd32.exe 1764 AcroRd32.exe 1764 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\cc1df5da386a0767885b5083c2545ebc_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1764
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD52a94c1c477d72aae573c34e1e96827ab
SHA16fbf51cbf23178b59432963399ecef7fbbf3b821
SHA256f1dcae3dba0988e5c29fa6617929dda8146729d8263475868917c634927273b7
SHA512188f26eec987c81a72ca3aae655688d66ec85eb5dd39f7bc3da11e5e92b4f313d83944f21ffc0fccdff33720f7ed210aa16db1be3fdd84bf2e0153daed08223b