Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system -
submitted
09/05/2024, 00:30
Behavioral task
behavioral1
Sample
2770fb11126a86b10eb5f576f77c2863_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2770fb11126a86b10eb5f576f77c2863_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
2770fb11126a86b10eb5f576f77c2863_JaffaCakes118.pdf
-
Size
37KB
-
MD5
2770fb11126a86b10eb5f576f77c2863
-
SHA1
0f19464ec444784f1eb7c571dcbdc88d33fdfa96
-
SHA256
c8dc2a1473804746c894351232ebab7a8c3c237d92cfd5db9bf614b39f3f0983
-
SHA512
4120cf052348e5a182b65e30e9e379e6b30e1e3c41e9936acf489043ac3888215dca13be8416c2d7c3a0692cb37f7980994fe47b794a4313a878c403a217fbbf
-
SSDEEP
768:ggGzpDGpzhzys49ru1CUNCeQaT+mMBcQbrTCGPv43Ib9PCFoX9:tGFKpzRVsPSGPv4yPCFoX9
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2288 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2288 AcroRd32.exe 2288 AcroRd32.exe 2288 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2770fb11126a86b10eb5f576f77c2863_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2288
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 02715008fb332386731876f371d06c0c
SHA1 35ed25aba0b2d78385807546bc2bae97cc639565
SHA256 9835cdff7f004b8cec82228ff530a2d5fb3c14c6c87d62809a2489be14f46205
SHA512 6ca1cd82efa9beebea79a5a62201cdc8cc2a3ac4d290013de4802c75222be21879b1b7182e26d378da8cf580035c75a57a83d4c4d53b3c32a2870a352e2f5b21