Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
23-05-2024 04:18
Behavioral task
behavioral1
Sample
69b4b689c03a6ee7bbd550d9a089d503_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
69b4b689c03a6ee7bbd550d9a089d503_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
69b4b689c03a6ee7bbd550d9a089d503_JaffaCakes118.pdf
-
Size
44KB
-
MD5
69b4b689c03a6ee7bbd550d9a089d503
-
SHA1
3f1f239b0d15d6977fd5fbcf1e47bfe3ddcf0dca
-
SHA256
f45831ea69942f65c6add14d45bff0d47117729ea14290ea9ed816395ddbe3fe
-
SHA512
b34fe2160134c2e32c51fb2f560a5b0609d279359a035ee25062ac97903f6c8717d44939fa42111cda06f65578e40a6b0e285b7dcec0084268a4b42f723a7358
-
SSDEEP
768:7yIi9KXfYtPyYBa7A+L389gXkNHB0TCocoF1+uTbEu0IoOgeYxt8lHzXuMZmwgCf:akuxBN+L3K1xB0TCocoFsuTbEu0IoOg2
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid Process
1044 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx (3 IoCs)
pid Process
1044 AcroRd32.exe
1044 AcroRd32.exe
1044 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\69b4b689c03a6ee7bbd550d9a089d503_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1044
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
bcc048743986201552302fa8edf37688
SHA1
2b971b2306a4d9cd56ed764f1a5b7574f9953f63
SHA256
f4826bea48fe8e2027a8e02ac696402324101bbbffac5448618e91c92c67410d
SHA512
1911611803ac28640fe2d80119ded19e67f0cda45d600c331982b284a4e1808059ca1c75a930b43de97f5eb3b9f9cfa0af5ddef76caacaedd63a87a7fa255e75