Analysis
- max time kernel: 119s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 03/06/2024, 08:00
Behavioral task
behavioral1
Sample
910917459c37a22b3640053cde82381f_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
910917459c37a22b3640053cde82381f_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
- Target: 910917459c37a22b3640053cde82381f_JaffaCakes118.pdf
- Size: 38KB
- MD5: 910917459c37a22b3640053cde82381f
- SHA1: d7d9133b7494aed55038d717bb0a067e28fe1d9d
- SHA256: 701f23fc3695dc5e784ff7fea29dd1302f730a9b94836699e91d48ac61bbb0f7
- SHA512: daefa1282e6521afb86c729b8e8129ecfda7c438e4bc55738cd6147c16ca46a642a986abe0a5fc769a2c184af6b45b0313dc4c87c26bbe9254ec84e04a19c286
- SSDEEP: 768:VgGzpDbpvGnvT3/Cgph5y6+s5T5Q7w9VotPrlALh:GGFHpW1i7LtTCh
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2372  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  2372  AcroRd32.exe
  2372  AcroRd32.exe
  2372  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\910917459c37a22b3640053cde82381f_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2372
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: 17c0e6aced752773caee31696a9978da
- SHA1: f7960ae624301b1e1f1e79cec7253a8c023267ea
- SHA256: e1b4210c279206e4e9f4312e8e1eada1134437ea250ccb3989e32bc0b790b27a
- SHA512: 265f604625b6c0d8b3293ef4cba5672dc8ed0680c2845a8729e838d9c34f2fe759af3e1830583189bbf33e01ca41f28e7d1dc5812e115daa7533e2187cb27ca2