Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system -
submitted
03-06-2024 13:28
Behavioral task
behavioral1
Sample
91f410fdabb2b0f80d5af8012b32831e_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
91f410fdabb2b0f80d5af8012b32831e_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
91f410fdabb2b0f80d5af8012b32831e_JaffaCakes118.pdf
-
Size
354KB
-
MD5
91f410fdabb2b0f80d5af8012b32831e
-
SHA1
75310abb09187f3db0734b28968e05f0ae41aab3
-
SHA256
e4a815f5b47efac08a5fbebc6bb2a459552a62aca6aa084db17536bdd506faa0
-
SHA512
d400b5349ef330d999d819168a2d484475f777136dc8cfc2b6f7344d176c0c772cd1fba8532c01febc5d2c6d980de8e4558c34fed353d74748e43b77c9b95ad5
-
SSDEEP
6144:AOOTOFH816q+FB2qZVcAIPhgcfuAiGWoOoUn5KWQ6VlqV:AOOsgj+aqZ+AjYuA9E/Vli
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2968 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2968 AcroRd32.exe
2968 AcroRd32.exe
2968 AcroRd32.exe
2968 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91f410fdabb2b0f80d5af8012b32831e_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2968
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 6fc9c823f0462b8607fbdf89a6ae640b
SHA1 1d8b275e202671754522c9822ab23fdbc621b55d
SHA256 ede79ad0181999f36994e336ef4842e36aa1ba750eecb71b0423d8972708a8ec
SHA512 e6ceef03d953b665f63f8cfaea37ba5430462c47a05a54b578e4efe23fe059b3a48c8d8b5599405d56f7f046d026ceeaa1d8cf8c05dd07602ec431a26fab57b4