Analysis
- max time kernel: 121s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 02/06/2024, 01:03
Behavioral task: behavioral1
- Sample: 8c66dfe64a2abb956f4ff6996afc4f54_JaffaCakes118.pdf
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: 8c66dfe64a2abb956f4ff6996afc4f54_JaffaCakes118.pdf
- Resource: win10v2004-20240508-en
General
- Target: 8c66dfe64a2abb956f4ff6996afc4f54_JaffaCakes118.pdf
- Size: 58KB
- MD5: 8c66dfe64a2abb956f4ff6996afc4f54
- SHA1: d8dcc8de753249a295b5e82d1bc117d0b83d4c19
- SHA256: 39a13ee05d72333c2c5693bf02444089ab68f8ca3eae43f1002f5c58461c4142
- SHA512: 2cfda9b77d40a91dcb657c67510f0323df33b0dcd51325286bf983bdaa84db2966052322b4fedd1fd9eeb5c14630c524731843e1e48f61f9ec160b2908732ee1
- SSDEEP: 1536:NGbpUVLisHj4QvCgKmumOQrPMpVnWc8iEAHjIW9kjT8CksZiIRoAvlxFjQcu4XF5:NFDtKmOQDAT8Jy84yALsr2OvZpuWysWm
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  1672  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  1672  AcroRd32.exe
  1672  AcroRd32.exe
  1672  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c66dfe64a2abb956f4ff6996afc4f54_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1672
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: 54f72cf8a33659ae5d2f2a1ef899c896
- SHA1: 1c7df244719bd76c068e4dd2ccdf586a01c38ded
- SHA256: e3e90fb11135acd04b8ff2129cea78cf05fcfec71879205a9c807e4222de6815
- SHA512: 063f894d116e115313a1f638ffd44bb057dc33009a387b6ac756d660898fdb730dda026a8e629d22e2d1fa296deae8484906d1dcafe46d9796ff8d918cafda5d