Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
02/06/2024, 04:46
Behavioral task
behavioral1
Sample
8ced1c172ed9990a217171892c0f9914_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8ced1c172ed9990a217171892c0f9914_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
8ced1c172ed9990a217171892c0f9914_JaffaCakes118.pdf
-
Size
15KB
-
MD5
8ced1c172ed9990a217171892c0f9914
-
SHA1
1c316a6e13c26b3a27a36aa9167d6dde27647524
-
SHA256
9d7186d31db2a89bdff21fc6682b0f6f4d1727148c89ead1e89ff0d6e9aac06d
-
SHA512
16cff873e8080a8fe3bc720802cb35e71c8c702ed9de3c4507f4594b8968ab33dbb198ff0782a44b305cad0321fa873dce72e71319457782f1aaa732f416bb70
-
SSDEEP
384:VzRjjMTsz1RsE8A0M6w4qwok97/iD1NgdqldOp45UXeAoHG9GSmQ2UJ/:VzNjM4z1HXD14lok97/iD1NgdcdOp45i
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1676 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 1676 AcroRd32.exe 1676 AcroRd32.exe 1676 AcroRd32.exe 1676 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8ced1c172ed9990a217171892c0f9914_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1676
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 affb6b59fedffde345f9f8d25ddf7f89
SHA1 081a8139bea8a8fdb8c1694719a39dc5c5abce50
SHA256 cd6f9e995460e780534328530306c068eb62cdf0fd0825364ebc7ebcd1a8d27e
SHA512 e8e31531c521757d6bd7d5f7120327dff8c703011b26c8dbcab0e464b4209e3d123e4eaab5f1686b7deb7481c7486e478601f113414fc92c4e68d16bba0b0f8a