Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 11-06-2024 17:30
Behavioral task
behavioral1
Sample
9efc6d6ae3a240498bb59e2875ff4c63_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9efc6d6ae3a240498bb59e2875ff4c63_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
Target: 9efc6d6ae3a240498bb59e2875ff4c63_JaffaCakes118.pdf
Size: 36KB
MD5: 9efc6d6ae3a240498bb59e2875ff4c63
SHA1: 6bb1a32be677356c1bcefff76bc652604a03f598
SHA256: a33ae0a329e8c6d2cc2438ec69e22b464cf0d7aaae14ec991f5c0fab34b23e72
SHA512: 4f71165ef268930cda055b22ef00fa70385eaa68c8aee538c90d7441bda1a8d6c2c9c005d4d02b41ea16ea833aba8b9d7c47e8f7e51efff7cc0747ceeb71c0d2
SSDEEP: 768:GgGzpDL6hQSzf99wC+6eVsjPvz3VT38M2VUX/0KbmB/MDWhig6/if+qWVnF:TGFfgJvzxs2X+MQig0if+qWVnF
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 1736, Process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid 1736, Process AcroRd32.exe
pid 1736, Process AcroRd32.exe
pid 1736, Process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9efc6d6ae3a240498bb59e2875ff4c63_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1736
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 50beb0413f8a0d650cd613b513454972
SHA1: ad122d1a5c86c89418d540b8d768724bd369eda6
SHA256: 3f40437aa2ba540fe859bafb3f67d87945b895a148b41ae2325dadc38e9337f4
SHA512: dab7d01d2d69bd142426dc5414f5228409d3ebbc889792059f1842049364b5594fb59c9bfb10549a5e4bd6618c66e00d72409403193c326b747db77eb4dd82b6