Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
03/06/2024, 10:34
Behavioral task
behavioral1
Sample
917691e47b880bf1d14be6cc59d1835b_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
917691e47b880bf1d14be6cc59d1835b_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
917691e47b880bf1d14be6cc59d1835b_JaffaCakes118.pdf
-
Size
36KB
-
MD5
917691e47b880bf1d14be6cc59d1835b
-
SHA1
6c49bb23a0172f7eb56d66e13f800da06ff5dfe2
-
SHA256
9b58f6c657a146b0d80e16f5c9fa57796cc8a09d2ba22d2906bca2b1922b14e5
-
SHA512
9d4616df596764158405f4ab79c8561909bfed8f0ab24ce734561230e944fd4cebfaec708ca5a2696cc23dc1593e0b7f30c46e65f714c9b97ff7292f5d60fd00
-
SSDEEP
768:YgGzpDdRUl6it1moFMCB7QPQW+VFiMRj7mYCcdH3Ak4Psm:1GFxRK6it1moFMQPXRjqTcdHwk4Psm
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1500 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1500 AcroRd32.exe 1500 AcroRd32.exe 1500 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\917691e47b880bf1d14be6cc59d1835b_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1500
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
538b7aa007ec0b250b81e26dd947dfb8
SHA1
dc3428518b55b50372364382f261a5b8647bda5c
SHA256
f68c0324e8d5251b93acdc69188fbd9d020078e1708e86525c04fb92c95e432a
SHA512
cb41a67ed1c15db28a55bf11510ce49cb8f70df0171d36d9775fcbc536c82899b25e153d57658e2864caad6dfa8c5e33373ac30bf2d54c44ec102e879a4327a3