Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
submitted: 21/04/2024, 10:05
Behavioral task
behavioral1
Sample
ff08fd6b2b3b2cacd1cd38fc23e2e567_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
ff08fd6b2b3b2cacd1cd38fc23e2e567_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
ff08fd6b2b3b2cacd1cd38fc23e2e567_JaffaCakes118.pdf
-
Size
93KB
-
MD5
ff08fd6b2b3b2cacd1cd38fc23e2e567
-
SHA1
3df4b03084278ad1efef2c0ee401b807c53f8020
-
SHA256
f544be097e5083488664fa62326b57a8b5540ea2ca0d5abb08ad4afa7163be3c
-
SHA512
c95e84e25810f3884914684f171c75b2a817518860d04935483ad7066be1987baae3805a245fda5aa763a63e13f2d82689a2b6960cc59f7d583ba06993de3500
-
SSDEEP
1536:Y2Fjdj2xm9AVwIhyCpLyQd1H8QLcw70/KIn862SEaoWjGEDfIuKWGpOGoWjWimue:5jam9MwIhy8LTdSQLcyo7vh/6EDn3GqD
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1292 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1292 AcroRd32.exe 1292 AcroRd32.exe 1292 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff08fd6b2b3b2cacd1cd38fc23e2e567_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1292
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 9c4c01ac5ac6e1cdeba8d28f253094c8
SHA1 d1d2e6df1329b2e97751f9b4ab4de5644a507288
SHA256 685644c9f2fcf2cfe02bc1494a8bc21d5fa0e3e1417ea8f7fb5c3ddce0d44ef9
SHA512 4e2ef08abe49c515c48cbc4182ea3904c38570bf2040756786cbfe0d9cce90dd26b36907851bd5555068065f1c2a41c821613892e1529fc9f1b06ffc5b67a983