Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
29/05/2024, 15:08
Behavioral task
behavioral1
Sample
8127f1df4a23369a8da1ccb19f6d0390_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8127f1df4a23369a8da1ccb19f6d0390_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
8127f1df4a23369a8da1ccb19f6d0390_JaffaCakes118.pdf
-
Size
40KB
-
MD5
8127f1df4a23369a8da1ccb19f6d0390
-
SHA1
3ae6905ad5bd480f6f0bd4c98b1b8454107ea502
-
SHA256
daee5ec14eac9e98bd09c7eb109c3f0f59d7e839a705c4f4fa9d717580fc9f0a
-
SHA512
782e415150b9a42a52f5f0dbe629226cfd8f9b617845ca0ee0568cfda9754be7726af287ce52f4c79861124f3dd8a00257fe8dd84df4315a1119c8fb18cc728f
-
SSDEEP
768:+JiQGzPXour39Xbm7XZxydncUSl1ZrdKvACclTSnSECqPBgiV9p+WWiaTWogL69r:QJGzPXR3mNRRdqPG6haTWo796cYo
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2964 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2964 AcroRd32.exe
2964 AcroRd32.exe
2964 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8127f1df4a23369a8da1ccb19f6d0390_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2964
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
5c5a95196b8daa3baca749c195327b14
SHA1
3186d6bb39eeffa96104e05cab1302ee5369eca1
SHA256
95d74a3ecd80ef871de61700c4927d7489fbda9a96ae646945192733d1561a2f
SHA512
886ec4098fabfdc1d116f5f6b7b51f4c27986adb39e7c883fa989cb6e1d3d7ecf9d376c629ae940b24d1190f2952a78232f587cd615793de47d7f615d6601671