Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
03/06/2024, 08:01
Behavioral task
behavioral1
Sample
9109e8ce5985edc707e7f70edc69b7e2_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
9109e8ce5985edc707e7f70edc69b7e2_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
9109e8ce5985edc707e7f70edc69b7e2_JaffaCakes118.pdf
-
Size
47KB
-
MD5
9109e8ce5985edc707e7f70edc69b7e2
-
SHA1
307f925234923ff72ae165f6dc4bf42709f61246
-
SHA256
380a6c4e9aef68a6dc6f7d6a206d655b1fa977fe992dba6578b7f9c2d2a93bd9
-
SHA512
1a08a87037ab3138a48dc84f526469d10e32651ccdaec3e12e1c33ef2753c05cd502c43d133caf354bee683277477dc644351dcf13f3fa5381832117830e424b
-
SSDEEP
768:BqgGzpD+puYtn8BPdqDoI3J4+sClLEXj3Pn2jYURsbqtE419xcKo+:5GFipHs00j/2jhPtEkxcKo+
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2168 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2168 AcroRd32.exe 2168 AcroRd32.exe 2168 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9109e8ce5985edc707e7f70edc69b7e2_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2168
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 8fa57de21c1cb3dfbca1ae193dbdc077
SHA1 b511a45008e8ac6ae2028e10beab7990c5a6a302
SHA256 41f048bdaff43562b2e06e3efa8c8ea83c6d79cee4ba46e9daf04a8660e2f423
SHA512 3a52df136343cee3031d137aeeece01948ab542c3ccdb1813e906ad3b81ee07295fffc79382ae71d68e29bc987fc8dad921d2aacdd691b4423402f92ab956372