Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system -
submitted
02/06/2024, 06:45
Behavioral task
behavioral1
Sample
8d334c92b55d78b75861ac58b9339765_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
8d334c92b55d78b75861ac58b9339765_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
8d334c92b55d78b75861ac58b9339765_JaffaCakes118.pdf
-
Size
36KB
-
MD5
8d334c92b55d78b75861ac58b9339765
-
SHA1
89ca83775084596deebc146c170ffba858a74591
-
SHA256
f00e00b43d5cce00033d26dcae0bf4dcff0ede897ae6c81a5415da3a35fb868d
-
SHA512
543d99af5ac29c642e3917506c55204ef62a69c3013d3dc9a1909dd12d33b4583d96be835db0c6af589136390cb7ecafba3989628bf5c955828051bf0c67bbb6
-
SSDEEP
768:eXuMZmwgCLWardE5Hpx8c8tMOPWN4uRdbokcQ7RRFtxwtFVx0rMT4vwZArkhnb:eXFZmGWS+j8c8tMOPWN4uRdbo871txSR
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1148 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1148 AcroRd32.exe 1148 AcroRd32.exe 1148 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8d334c92b55d78b75861ac58b9339765_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1148
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 dee060463aa7b845e8e728a716223ea4
SHA1 89045767e472ac5dec05c27fc2282da6ac0a99e3
SHA256 80cba491c45c9f2cfae9650123f0b04f794670ad88358d4ec872300bda9a5245
SHA512 23218d4d858ad41b08f0814673f41325f894eab7cdd2e2aca6af9f3c5ce37d0248cef2923f09bc09bf48726d949bb5b55e6bf96084e4e069869dbb37ca04efde