Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
05-04-2024 08:06
Behavioral task
behavioral1
Sample
ce2591519ae41fa8256ffc6aec44d26c_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ce2591519ae41fa8256ffc6aec44d26c_JaffaCakes118.pdf
Resource
win10v2004-20231215-en
General
-
Target
ce2591519ae41fa8256ffc6aec44d26c_JaffaCakes118.pdf
-
Size
74KB
-
MD5
ce2591519ae41fa8256ffc6aec44d26c
-
SHA1
2c04aa7f3600974aa0aeb0cc116844defa92dffd
-
SHA256
df6bb85c60ea36c511f5a86edaee7e0daf9daef3ecce4886abf1eea9589b91bd
-
SHA512
6c549dabd6fb57e1c41727c99f0d6be72b160331291f610164882ee26e78b478005f134585f4f264823644a44ff471f2a385eb9b287e7019bec5c8bcc3fba443
-
SSDEEP
1536:WDGovS9n/1itAzXCy4jjX6UVfaWvFqMX+QW7Ry4OWQpOCCzpZ:ynvS9n/1itkXCy4jjX6qf3wjk4BCq
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2380 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2380 AcroRd32.exe 2380 AcroRd32.exe 2380 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ce2591519ae41fa8256ffc6aec44d26c_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2380
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50727109a3732afc34ad9e7ff31121b80
SHA1470c916bff0efec4f01a66edb31c01477befb82f
SHA2567f9118a6dfe01a8f62a9af51914426ffbfdde6a38b5c9a0bb180460f437ef49f
SHA512cdd08858f42f5d17157b08ce4c4d3ce48614387754b7e8a297e9012bef7755ed4a01ee23b48c87ea25cb90e165b0b26ba9040eb7397d95eaaa45dc5e76a2149c