Analysis
-
max time kernel
122s -
max time network
143s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
11/04/2024, 11:09
Behavioral task
behavioral1
Sample
ed4833a08840b6ddeb13b2dd6bebd749_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ed4833a08840b6ddeb13b2dd6bebd749_JaffaCakes118.pdf
Resource
win10v2004-20240319-en
General
-
Target
ed4833a08840b6ddeb13b2dd6bebd749_JaffaCakes118.pdf
-
Size
91KB
-
MD5
ed4833a08840b6ddeb13b2dd6bebd749
-
SHA1
410cff659a6bbce6577ac29fa1d2017d3af51d74
-
SHA256
8830d79fa4575633e8fd6375a314df287499a8f43103fee4f67d89d52a48c7c4
-
SHA512
1e20d550bb1b5301d4ce0175b2878e3db9f728f8a7d31a7a43c02792cfcfb32ed68dada7ae430a5911673ce644c322d4bbc4a26ed8aa9786b25fd5a675ebba67
-
SSDEEP
1536:r7OfNuZ6UtAGFiAL2ztgv9fQrYOLNnjFlOu90WSrir3ABIYPfDMtelMWUpO7jPB5:nOfNp0jFdD9fQrvLNmuwiTAiY3DPlv7D
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2920 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2920 AcroRd32.exe 2920 AcroRd32.exe 2920 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ed4833a08840b6ddeb13b2dd6bebd749_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2920
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 09fcc1854631ed802cc90d1be9e043d8
SHA1 92f4810f328da24f54c13a3721b2fb3cc63003c4
SHA256 755c1efb5e1b83a15219973462eef559788e37cb72d6fa9e7c31a9b6d91f3992
SHA512 f653652187cc14ed20dc1eec1e9d2f69516ec2fbd1f2c3d676fec18a469fa7902630834fd3f1435238d652ddf93fe4c71eacd56d2fa69924ff3c728d66b5a15c