Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system -
submitted
03-06-2024 12:52
Behavioral task
behavioral1
Sample
91da5c706d13bf3ffbb6b3bf8d6feeca_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
91da5c706d13bf3ffbb6b3bf8d6feeca_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
91da5c706d13bf3ffbb6b3bf8d6feeca_JaffaCakes118.pdf
-
Size
43KB
-
MD5
91da5c706d13bf3ffbb6b3bf8d6feeca
-
SHA1
3d5bc18955687dc5c667d90eb3ea0a3013595ac1
-
SHA256
50f93c0328a6fa9ea4e0556a7daad0032ac2d63f47dfe42a737450092c75851b
-
SHA512
86dd91afe6f358e98e1575d694dc7ca54c080bbe18f66ae5790b1ffb4fd56dd1f4a67bada8d266ac9e038eaffee88bc06e87398ca8796f8fd02a0709bbd4b5cf
-
SSDEEP
768:TgGzpDseL7UGeIjRqeiC3WIgK0+qtQ50dzKt30r4bIvtcmRP4zsSUTgViz1pBk:sGFwefUG1qeiiazdu0Fvtcml4z7BYz1Y
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 840 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 840 AcroRd32.exe 840 AcroRd32.exe 840 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91da5c706d13bf3ffbb6b3bf8d6feeca_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:840
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
9f8c68d4797c4e5b6e2d3af95c69b298
SHA1
46e5e4fac5001a2f388e6c6ddc84ece584002f08
SHA256
4cd9445e3d182e7772813ba3ae0b5d5cdfeb942956a83748592b7f6033219e41
SHA512
722faf1f5bb75d0bea75c13418bf8daf042df9c9a696b47b3de508b4ea5807cd8173a8e5f2f911e3a43f4582f0fad2ee166fb1fa08e37ab1d41dcbfea70bd821