Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
02/06/2024, 06:45
Behavioral task
behavioral1
Sample
8d333876015bf572c6b296829567ea37_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8d333876015bf572c6b296829567ea37_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
8d333876015bf572c6b296829567ea37_JaffaCakes118.pdf
-
Size
385KB
-
MD5
8d333876015bf572c6b296829567ea37
-
SHA1
59b9c8af6bb58fb2f4286d6ff266a7f87c3753ec
-
SHA256
8873811c4fdff91ac25bf78532139d0b0ed69d306c34a333e51156aa606f3635
-
SHA512
b7c38d887e6e73e7a41d3faa7222e92696f428e7970ecf21d6c359461e34b0b1c39b24fae9f9da7c16488cddaad1affa666b018349f8398c886715ed0bb0b4dc
-
SSDEEP
6144:yX+98acGLYZo/7gRdNgM7seIGIbQyDbUTR+y3FT1yenXIeZcHn9juEitfOTtf:V8aeWMYTG0QyDbUTR+yfyeYeC9nitEf
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2356 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2356 AcroRd32.exe 2356 AcroRd32.exe 2356 AcroRd32.exe 2356 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8d333876015bf572c6b296829567ea37_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2356
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 3b23d5432422e239cbeeccb9594e6b5e
SHA1 d4ae7fd8905423004e0b0e9ed1de1b4c0bdfc769
SHA256 fae96b3858da03d6f5ab121a0775f72ab3edca16b81b8f1b5bd7b8d43d992825
SHA512 e114c4be4489d2aec4234cd384056a9e5693fa1940bbb796264b20a782c7bedd7a54b84f2821d68d175fcf5873782b747fc42d8d2836945cf96fe5f8659f53ad