Analysis
max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted
02/06/2024, 22:36
Behavioral task
behavioral1
Sample
8facf60d7858049bfb3d66dae5c86c4a_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8facf60d7858049bfb3d66dae5c86c4a_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
Target
8facf60d7858049bfb3d66dae5c86c4a_JaffaCakes118.pdf
Size
78KB
MD5
8facf60d7858049bfb3d66dae5c86c4a
SHA1
2446697d71fd85cdefa4ca6404f82ed77c38bd40
SHA256
68238a231aaec9a11725858580508d412ec4c89ad1c2764ff459939a6b9c39c7
SHA512
a4038ea1ac115708a4fab4147475ecc0850c140d467ad3a3212824019bcf4a2520c549b6bbc2531735446c7fa28e42abcf8e012aeceee45375eeed3445944021
SSDEEP
1536:fGFtp/UvwQS91maEZFrXqJnyYj324/V1Ug7/w8ASaD/shGmj2a:OFtpYE1JEZFrXqJdJJw8ASGmf
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid Process
1688 AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid Process
1688 AcroRd32.exe
1688 AcroRd32.exe
1688 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8facf60d7858049bfb3d66dae5c86c4a_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1688
Network
MITRE ATT&CK Matrix
Downloads
Filesize
3KB
MD5
71468fd3bd99fda37255eb9034870e5a
SHA1
106d3b78c3644c615a750cc28f936ab9d348c3d5
SHA256
8e70de51716e587a01e182f7f0e99f365453dd1c7c15b4180a812537ad12f3a4
SHA512
f90bcb2ebe3fe53d79fd3f4b9caadb8375bf6705d43582801cd95362115cb8504dae97f2dc9b560ff5a0edf88008f0c4d13be85333b3a93c55453bc84341ee7d