Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
02/06/2024, 01:42
Behavioral task
behavioral1
Sample
8c7f374efb7ffc149a1bd5a812ecbd3f_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8c7f374efb7ffc149a1bd5a812ecbd3f_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
8c7f374efb7ffc149a1bd5a812ecbd3f_JaffaCakes118.pdf
-
Size
52KB
-
MD5
8c7f374efb7ffc149a1bd5a812ecbd3f
-
SHA1
cdcf21f42f7e3550ed935638711a7e99d1d3a052
-
SHA256
d7a101e5dfd0fa44de2f00acad21d5fab75b45b64693e0e4708e4f7d0972c1a6
-
SHA512
6eac0d89e5becb1c02f6ce40bdbb3437115cfc19d7e70c664664840be02542cb00a16980f24f79b234c0849230ce9357c02d71c5a79781ef16e369de99c1c4ac
-
SSDEEP
1536:0GFPF+xq0s3znFeWfT76yAaBwyrcOTmjMMmgI/Iv:BFPv7r4WP6KSyQOTKMRs
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2924 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2924 AcroRd32.exe 2924 AcroRd32.exe 2924 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c7f374efb7ffc149a1bd5a812ecbd3f_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2924
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
3fe30e67a2abf2087dd96e3cc04c34d7
SHA1
7551071ca9b204b3960acdd0acc340a82b8dbe70
SHA256
0f0e3193d071f67c90fddf6caf7866e7426b67bdba813c185f0864f8c2427370
SHA512
5f9e303c9fdf85dfe05303292063ae032bc099863b8625e4a83c6c0ca80e172955f16026057e6098ee09095f04daf902aec202b9e1442f9a4b8f25bbedf615eb