Analysis
- max time kernel: 118s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240220-en
- resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
- submitted: 02/06/2024, 00:52
Behavioral task
behavioral1
Sample
8c6017db57fe4e44ce6a957fd78571c9_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
8c6017db57fe4e44ce6a957fd78571c9_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
- Target: 8c6017db57fe4e44ce6a957fd78571c9_JaffaCakes118.pdf
- Size: 46KB
- MD5: 8c6017db57fe4e44ce6a957fd78571c9
- SHA1: a9813ef3dda72adc6d1f37ef4a6da7cbaead34fc
- SHA256: da58507ef87f016f3b6929b89187895a7cfc4c9268f9d6a26330440324aff715
- SHA512: 452339185b0a5ff656bab4245355cdf0a247bbcd4d3ba8d07d4026da4bfaff761523e6c1e25230191cec711dbd07691d59f131a27cf128b4c9372bff344ef213
- SSDEEP: 768:jgGzpD8psaos5tDYpZm//rRzv4PkzkiEZnixoqgVr6z2AexCeZBUnHh1S5eMLe:cGFgplzv3k1dqoxA4qE5eMLe
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2908: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2908: AcroRd32.exe
  pid 2908: AcroRd32.exe
  pid 2908: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c6017db57fe4e44ce6a957fd78571c9_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2908
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: d4d6fdeb68f8e2fc5a3d012b8b54e573
- SHA1: bae2f5aca8d1afe5b3ec54de22f76de6a9bd6d7c
- SHA256: b5b486a0f6d7ebe60c8808ed27457d7cd1a3ab61c54483d004feb828810c6c6f
- SHA512: f6b14e3fb3bc2c602bc6e82c8af3070fd264c91a7238a97d84bf8bd7a0c562490c24db5ecc0308eed9cb0600358f2e1929b470d52d502297c996c6bd21a1d6a1