Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
29/05/2024, 15:37
Behavioral task
behavioral1
Sample
8137cd0a6eccdbd1e37aa360860076a9_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8137cd0a6eccdbd1e37aa360860076a9_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
8137cd0a6eccdbd1e37aa360860076a9_JaffaCakes118.pdf
-
Size
27KB
-
MD5
8137cd0a6eccdbd1e37aa360860076a9
-
SHA1
420550aa0518a813b6bb146f3540dafe1bcc4bf6
-
SHA256
be30e4589efc4881bfc2a337da262e4575b0d8d334978744f47ad4ecf61e9ddf
-
SHA512
b3a0c8e8db7dee89e61c8941aab2490696e86e238a0c3ce4f0f5c22071ad4db75ef4ff7642be2a8f51c943f21e625c4faa905f29f153ed387a23cc665b7cecb6
-
SSDEEP
768:tXuMZmwgCLWarOI+BAEtnW8f+2tzWP7bsNI8FNo7qqdqTWhiBPrIFM:tXFZmGWSOI+BAEVWY+2tzWP7bsN7FNok
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2848 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2848 AcroRd32.exe
2848 AcroRd32.exe
2848 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8137cd0a6eccdbd1e37aa360860076a9_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2848
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 aafa208984605740f6658f6c4e38246f
SHA1 dd9f776b40331f9fd02e7132f0e4c065b266910b
SHA256 466035921bd6eba7a79a75eca2aa578d146cd78addd832d0cf2e2ca1d149672b
SHA512 b8b640a8664d6b12d79b156273a9d22bca533c885ec5bd981e53da2cbbee8f00c705d2242131b30c3233ea15f39ee4d42ce4e557b5cf41c2a2a399cb1a533848