Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
29/05/2024, 15:01
Behavioral task
behavioral1
Sample
81242c85eb37cf3bb5c0f5587848da4f_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
81242c85eb37cf3bb5c0f5587848da4f_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
81242c85eb37cf3bb5c0f5587848da4f_JaffaCakes118.pdf
-
Size
770KB
-
MD5
81242c85eb37cf3bb5c0f5587848da4f
-
SHA1
6046d19711d93b46b79a2d3a178c0125919b9d0c
-
SHA256
0298ed02a01de9fefbc8afe61760b7b97a3f73c57b4dd9f6430b6bfa251f9a34
-
SHA512
e67c3c3f4140c87e4600d014b5beb3f9506044370c1038a5e87080119a16513b27b10e3b51f59c8b2048f1a7da83ca1990741ba3f60a7ee080c612c162cee105
-
SSDEEP
24576:9vievKnHRujCD23BMG5+pMhxaH+gYsBGRG5N:3YH9DYMQ+pMCH+gYU5N
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2696 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2696 AcroRd32.exe
2696 AcroRd32.exe
2696 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\81242c85eb37cf3bb5c0f5587848da4f_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2696
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
226f5443f17a1aae3f6424bfe9b7c318
SHA1
88430007ac0259114702b57a1b305ecff1e720d3
SHA256
e38d7ea5e40ec90323eda59d1897e142de643805ee36f6b20a32ecf21e1505bc
SHA512
8d9358669bdca0f4b1700596d385b2593f51e37d704a1b5c101bd57c7bb31a9c9ca57f53e8ebb0c31b25a8e21f77b1a22f6273f5e8797e96cecba783a583f418