Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
08/04/2024, 16:54
Behavioral task
behavioral1
Sample
e7f349dc892ee16b5d7f6b5893c7ffb8_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e7f349dc892ee16b5d7f6b5893c7ffb8_JaffaCakes118.pdf
Resource
win10v2004-20231215-en
General
-
Target
e7f349dc892ee16b5d7f6b5893c7ffb8_JaffaCakes118.pdf
-
Size
90KB
-
MD5
e7f349dc892ee16b5d7f6b5893c7ffb8
-
SHA1
923936e6a68dc1b4617e2a495b28de3e3746febd
-
SHA256
31bb6e23bdbb008e00c5160a1b4dfce6cd90839ae83d59aca7929a5e45c7aa7f
-
SHA512
ce3849fdb474113dc89032090b6f063de0da3994580b51f442769f1b7ce5848bd644ee0281d928f82733c1e0e3392ab56431e9d0f59d4c30b8e4f192be577be9
-
SSDEEP
1536:dfGl77WEEFhpFhsf4v4SpSzlaj7yj+35ASjqzaZWbpONiWAj9iOhqlZh2V9VM:sd7WFhpFawv40SzAlWSjbbNl+khqQ
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
1980 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
1980 AcroRd32.exe
1980 AcroRd32.exe
1980 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e7f349dc892ee16b5d7f6b5893c7ffb8_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1980
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
11b8c6b9f1191bb471b6acf3cb5188e7
SHA1
3482d887c4bef6389743172212bde803cb2069b4
SHA256
c73513afda766b72e46a2402545bf1b493f8430d745b73e6c0b8cd3ae1dbb416
SHA512
15cd3afc15f28315ce94faa75ed69b4ce60ba53634939949fe4c230a4688fbaea91cdd3f46dbab7f5521507ff300e6d8bebdde091ebd880506676adcbf4e06f9