Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
03-06-2024 13:20
Behavioral task
behavioral1
Sample
91eec2a485788f06709f9e86165c12de_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
91eec2a485788f06709f9e86165c12de_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
91eec2a485788f06709f9e86165c12de_JaffaCakes118.pdf
-
Size
33KB
-
MD5
91eec2a485788f06709f9e86165c12de
-
SHA1
8237cc0bb444f5128e30a173304e857eaf50bfcd
-
SHA256
8e59e16a2becf7d1e0103017172b17a859c7586aeb3c5e4c9c0f7b6ccf47a18f
-
SHA512
a42895e85da4d042d34a04b090433c38046c0c5e61841d729896f551f1495e10f7c6d10ecba2de92b73b7366373ab020d2ec203b576131823b348e49731f1872
-
SSDEEP
768:5XuMZmwgCLWar9V6vJiHyP557ueSf716EsruiFP3r8WbPkRxa:5XFZmGWS9VOiHo7uei716EsruqPgUkRY
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2884 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2884 AcroRd32.exe
2884 AcroRd32.exe
2884 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91eec2a485788f06709f9e86165c12de_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2884
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
fccd17b0269699348151b01619020792
SHA1
1ec297896c3c55dfeaaa23826c0e578c93c1a0ce
SHA256
726a6977be1a39bab1daf81cff8a3f75facc3a963487604b2f10fb0d96955b3b
SHA512
76ef4d98aba18a228b50a6011e772cbded510236741615b34e5a732866ffeaa853396e67b90b58e01b44ef2fe51d4ffaac85084781691c3d84fe8d179b8cc880