Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
29/05/2024, 15:11
Behavioral task
behavioral1
Sample
8129d57e2bddfd072509b5d3743c811e_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8129d57e2bddfd072509b5d3743c811e_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
8129d57e2bddfd072509b5d3743c811e_JaffaCakes118.pdf
-
Size
28KB
-
MD5
8129d57e2bddfd072509b5d3743c811e
-
SHA1
cc0668672331d51184d47b616448c6d23a782870
-
SHA256
a74b149d2dea91c90f3c9d4e8995dad6ca1c445eb2decca409dde31a34449c87
-
SHA512
4d07a31752872d3d9d6faed1a44cafe85464145de31f67d3db7d99ef1b0a9e5367530be3c96358207a5f819f4bdd0d4ee6ef77231f528e9964ba766a76454987
-
SSDEEP
768:9WF7v0yesxXgp8x13PRKOMOklTXak2sDKP9E5vXuMZmwgCLWarjJ:EFzeuwp8x13PRKOMOk9Xarr8XFZmGWSF
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
1192 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
1192 AcroRd32.exe
1192 AcroRd32.exe
1192 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8129d57e2bddfd072509b5d3743c811e_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1192
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
c630f77a2258ac53a1556c166bcba2a3
SHA1
8ea3cfb40a3853fa4fc1a25d3edaf879008156a0
SHA256
4d11ba0da9579db225ac78c76b2d9218e756a6d9b5fe058f915a59113620f8eb
SHA512
50e8785771582ca5268d808437833344595502665955c4978da935b0d79eb23149e07acb174d04403731fcc1d0e5bae4f9fd4f92efeed6c2690b56fb61d78679