Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system -
submitted
02/06/2024, 01:35
Behavioral task
behavioral1
Sample
8c7a81aa934304a0738b82f5d7d8f569_JaffaCakes118.pdf
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
8c7a81aa934304a0738b82f5d7d8f569_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
8c7a81aa934304a0738b82f5d7d8f569_JaffaCakes118.pdf
-
Size
40KB
-
MD5
8c7a81aa934304a0738b82f5d7d8f569
-
SHA1
6300cae77022adf79d1a0d3fcc06c2c710a09b4f
-
SHA256
4e658b6c300979a128e68ed5a2888f5e23f30b4d82a889f4c1521baefb2a7ae5
-
SHA512
df646411373ba9fc0b58bddc218fdadb6c58ddc697762dcb7cd73518aa0034a799a973ad5c8e73c545c10bb6c4c32aca4e50789892a5ff3f8bfeff4ad3a8dc7b
-
SSDEEP
768:AgGzpDRpTN3SeMQ3RyPNPQwh66qUByMBlmWoGIO4Jno3Te15O:NGFNpG6nUBNfoGItO3TeHO
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2416 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2416 AcroRd32.exe 2416 AcroRd32.exe 2416 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c7a81aa934304a0738b82f5d7d8f569_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2416
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 f2115c5d4b7a87035895127da359ead2
SHA1 1e12208da4809b076ccb27cfb8effa690d4fa6d3
SHA256 16f13e8960abef6c9c475fb1f2509570bcdc31c4822357a6fb8fa49872db0a6b
SHA512 006f851f72cc18450f51c208c6b9e88bf21b9da62bb6af0c4554165532e11f34f8c1f85889b29e03bb49c4968cfdb580481afd3f4d2356dc1283b4088d85d3f0