Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
03-06-2024 12:56
Behavioral task
behavioral1
Sample
91ddd640eba01be7454f6f820f50fbce_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
91ddd640eba01be7454f6f820f50fbce_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
91ddd640eba01be7454f6f820f50fbce_JaffaCakes118.pdf
-
Size
40KB
-
MD5
91ddd640eba01be7454f6f820f50fbce
-
SHA1
5beb1f65640a03e817282f14a33a9933f0b9d047
-
SHA256
d1f2eb9b1c9ce1252d3d0403d2bd3276ff5fe07faa10f693831526afb5e5882a
-
SHA512
f9bd23874b46060bc3ebb685e4a207bc6effbf0db2b49d3b27262c7bb22f262ecf0525aa4459add0f83f4fb82a92e180b4729d543d5b96e06359b5e6c964b58b
-
SSDEEP
768:FgGzpDyBVksi8yJDB3EhejsgQhzq3LMhIqNccU5rDOJ7Bm1Ja0y4eciqR+Wf:WGFmSkIccN5rDqm/a0y4ecLR+Wf
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1792 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1792 AcroRd32.exe 1792 AcroRd32.exe 1792 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91ddd640eba01be7454f6f820f50fbce_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1792
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
71a631aa82c473e839d5081710ba17d1
SHA1
9dc85c4f8f2fe1370ef51b17e2c60afdb8d31063
SHA256
3acbb39134e084809f86d3e12e75635bdb6d4e022856d00e70949648abdcdbbd
SHA512
d33f171d210b4fa80e74c1bf541c9fac7c2ef7324ccd25e18811cc90a509ec22e181bd97de58d0617fa5f70f033d25d9c216613d48086f82a500543929924021