Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
29/05/2024, 08:54
Behavioral task
behavioral1
Sample
802bf45e55e2709616810fb1706269b1_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
802bf45e55e2709616810fb1706269b1_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
802bf45e55e2709616810fb1706269b1_JaffaCakes118.pdf
-
Size
42KB
-
MD5
802bf45e55e2709616810fb1706269b1
-
SHA1
810a98b96c85014f5b5a855bbe7f9f9ea6e1509a
-
SHA256
123b0a46d88a9af676b90a311deee5ed35d6e48882928ae9646877079b5c04e2
-
SHA512
826d2c1c1f9f526bf9b145b487574a3fbd67aa3cd1437fdf7f17328aba3df712fe7f8668cf89da4757a7c204cf9479a623747d61b045d934aab19f12460beb3e
-
SSDEEP
768:RgGzpDQpX7Luub8xM+kWVK/sb77XxMtKdb6Sced4oF0rDw+MkDD9yiaDuvb4mPG/:iGFEpXGq8xTK/sb77Xx8KdBlCrJDYia1
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2184 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2184 AcroRd32.exe 2184 AcroRd32.exe 2184 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\802bf45e55e2709616810fb1706269b1_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2184
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 52a40722e20f206e89e2bbc72ea20dc0
SHA1 72efae48230f97c3e2ef2c8a8d40cf3ae10288ce
SHA256 eb301bb29f253d8cb3ba80bf37dd4332e613c006f14cda324fd525ae9f40f88a
SHA512 c4b9eb86212b1ce701f320416a3a5780e64d0dd33bbf109ce8286ef06f8e9b193c4c8e7a7fd68a162b708d7e3b49dcece63af308210aac0c695293fcc44a468c