Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
03-06-2024 11:59
Behavioral task
behavioral1
Sample
91b55b7b9b3d4d234a201bab49f972be_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
91b55b7b9b3d4d234a201bab49f972be_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
91b55b7b9b3d4d234a201bab49f972be_JaffaCakes118.pdf
-
Size
63KB
-
MD5
91b55b7b9b3d4d234a201bab49f972be
-
SHA1
56315db1bbb1f30a7df619884a479e8f4a16da88
-
SHA256
f5d8d75c978a14a3d7ed6b735feadd04fb282eb7d84feb84380273ca2943f63d
-
SHA512
f0d231ec9f103b82457538c08b4877dcf039c4b29f38380878462a8070e570bbdc11ed040eb4a18c4d4b6f25b652cd3536eea307b1f10e578e2e4d452adfe242
-
SSDEEP
1536:vGFIMyF486w0uMoskHxCqtLLoq9L0Nj5L:eFI5y861VrWCqtLU4L0Nx
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid 1708, Process AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid 1708, Process AcroRd32.exe
pid 1708, Process AcroRd32.exe
pid 1708, Process AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91b55b7b9b3d4d234a201bab49f972be_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1708
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
adcaabe2a6de8602f735f63c45d857d8
SHA1
99feb33283285a015133a9dde919c9f10a34026e
SHA256
81658967a9e7efad7bf3f775bf579bb1caa44eb89b378302b9fd0c2f72b64f01
SHA512
c5db79282adf477f67f8334a4880870f14ef1ca7e2ab9f9565b80f75d14539d147c62964ffa25381fca7de7cfc3ba25c1793ddbbcbbf755ce73a7a070ee5a23f