Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
submitted: 02/06/2024, 01:05
Behavioral task
behavioral1
Sample
8c67bd5da47db121aa63450f4b8307c4_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
8c67bd5da47db121aa63450f4b8307c4_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
Target: 8c67bd5da47db121aa63450f4b8307c4_JaffaCakes118.pdf
Size: 82KB
MD5: 8c67bd5da47db121aa63450f4b8307c4
SHA1: c63e49914023e5278d0844d400b1ff7c7139ba7f
SHA256: 3066cd31f5a34b129e2d134b371e5d40e220d0e8656e98edc56b050d743f12c5
SHA512: 2ef82bcc15006419b05bbcd24769f2b8a93f21d5fd7718f86cc841b61ac3796110a0a28b8e3aa3ed73ca61803d5905372572d676a52243fdeee4d09f3a896638
SSDEEP: 1536:SGFWp+U4X5NZP5aQ7eMZ32+8H2oIhTFtJaJIEet7k8QuQaX4:LFWp+U4XHZP5aP0hTTJiI/7pQuQh
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
1276  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
1276  AcroRd32.exe
1276  AcroRd32.exe
1276  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c67bd5da47db121aa63450f4b8307c4_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1276
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: e223880917c209c2f1e726021e23cbfc
SHA1: e8be8fda9cde88694105ecbe7a7718be9d25b68f
SHA256: 61ee1f018676daf207bc45cc249863b080d9d050a9c816c14a993f43ece48dec
SHA512: ff84537d321f0cf737e5eaf6650400c063c79e76f0f370456d911e0ff1d28a2f713c8e261a995cb901731b06f87b65e8afb1a050e528c5f26eb2a871b7c0d617