Analysis
max time kernel: 120s
max time network: 126s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 02/06/2024, 01:36
Behavioral task: behavioral1
Sample: 8c7ab02b37ed0bb02045641324d92b09_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 8c7ab02b37ed0bb02045641324d92b09_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: 8c7ab02b37ed0bb02045641324d92b09_JaffaCakes118.pdf
Size: 31KB
MD5: 8c7ab02b37ed0bb02045641324d92b09
SHA1: b0802f714bfd3f05364efa55e27b474e982e791f
SHA256: 4ae571010d4a6478e04974814af9562791448541b2a02c4722933afb1c495436
SHA512: 207cffcf35ea480745489bb2fcba123671391855d1b94547ff25d383880663efd99e796fe9b16a0e5cbb9030ac72ad4ac86fbb36d7ad8ef475285f18153a26f8
SSDEEP: 768:NXuMZmwgCLWarwLB+7MbkxIfbUNqra/gF8GA8FU:NXFZmGWSMbQQUqrigF8GA8FU
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2180  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
2180  AcroRd32.exe
2180  AcroRd32.exe
2180  AcroRd32.exe
Processes
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c7ab02b37ed0bb02045641324d92b09_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2180
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: c9e2510bc746c169eb69edd21dc7d867
SHA1: d585fc8df77f044394fc1eea79915a60b765c254
SHA256: 4f2c1a102171f610e4a578cba7b95912a05f43f9f9655403fde3f01e0ebd62fe
SHA512: 416bdde9e94f66dab642932df629d36c79849794120a60192c21693e8d0ee4510f6baf1b58b46e826753c47f98904f3069c881a98f06b297fe735f8eb1cba9bc