Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
11-06-2024 17:42
Behavioral task
behavioral1
Sample
9f050c26101fc20d7c0fd541a42c679c_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f050c26101fc20d7c0fd541a42c679c_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
9f050c26101fc20d7c0fd541a42c679c_JaffaCakes118.pdf
-
Size
44KB
-
MD5
9f050c26101fc20d7c0fd541a42c679c
-
SHA1
395fd9d04024b7ec68cc3f980bd67579d58753c0
-
SHA256
dcc17bbccccdc32e1c367b82b809c19ca150f1c0979e3f99da114882cd3a3bfa
-
SHA512
1bfd10575267e94e2194db560afbbbb93573c846c894a5457f05e686c92255403e826676777da59d6622f6ee4a582812ebc6c8a2032eff49625c44b8ccc3269a
-
SSDEEP
768:44VsabKTWpsi9NBoAMdQeFIce9SvglA1lJ1EKV2NOr+Tf/rl/mlnI6IhfvvE5SX2:449bKTWpr9YA5FUglA1lJ1EKV2NW+Tf4
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2072 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2072 AcroRd32.exe 2072 AcroRd32.exe 2072 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f050c26101fc20d7c0fd541a42c679c_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2072
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD55b2d82601c7a3ce2594dda41c21420ae
SHA17fa969789df4b87ecdf3e0572f7ee24390a69dce
SHA25664f86998983493312666685cb7de2379bcdc9bab03bfae46e25200899e54182d
SHA512c1958c385d3dbf67c898582f18ef4b55acb538e36f7a9fcec76f0c8f82a449337b641ca5fd4e7020a225a2ae2a46dd6330b12bb010aa7533ac5b39ad7f4c3bc4