Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
03/06/2024, 08:30
Behavioral task
behavioral1
Sample
91210cc470bdec00d0339c09755b35ea_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
91210cc470bdec00d0339c09755b35ea_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
91210cc470bdec00d0339c09755b35ea_JaffaCakes118.pdf
-
Size
39KB
-
MD5
91210cc470bdec00d0339c09755b35ea
-
SHA1
550edba54a2be8fe0aeafed174a635abebe4bb53
-
SHA256
4a6e303e1737d2fe9276939f51fa0ee75ff4955e413cfc30a2fab464f8f54156
-
SHA512
b521cfc290534be60901ec1089908b808a960e689176797b11b438b170e4578e51ff4547abcf46719dfb9532dc57e6400b8a79f0018992829abd6e3e2f495a18
-
SSDEEP
768:MXuMZmwgCLWaroE5Hpxc9oxSuyazaxFGuKzdsAkAf7zIiODUuGSQxGFt5hn5XXV1:MXFZmGWSBjc9oxSuyazaxFGuodsAkAfm
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
3056 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
3056 AcroRd32.exe
3056 AcroRd32.exe
3056 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91210cc470bdec00d0339c09755b35ea_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3056
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 3fcfc1783836f0e63a98fcb5f56a14cc
SHA1 1fb8545cdc448cf2144a60c20b7db9da241dd38c
SHA256 e49dce65cbaab21e7837c602f0a9a57c5c7f318003eb01a3d67477771354bbbf
SHA512 c5259ce994ae8630b28769dbdbadf27637966baca001418eff48e8ecb473ffe557f126d334a0daadacf01048d97f3ec3b16986743118a6059ea478bc912623f3