Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
11-06-2024 18:24
Behavioral task
behavioral1
Sample
9f219a7c3cecc96f3a827ec1ed0503c8_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f219a7c3cecc96f3a827ec1ed0503c8_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
9f219a7c3cecc96f3a827ec1ed0503c8_JaffaCakes118.pdf
-
Size
184KB
-
MD5
9f219a7c3cecc96f3a827ec1ed0503c8
-
SHA1
05164c469112b0b6255590549509755fe859c3aa
-
SHA256
37a0844da59908720acf64a651f68898ac4f5b36f541762309528c7d723901a0
-
SHA512
7dc4d02fb4ef6b78f81cd4099ae49cad162cefacdaba958df276d234855a3d407973ef67e6fe05f7488e4e4e6029fba19ffa326888c051017320c3cec0db52fa
-
SSDEEP
3072:12irbxzGAFYDMxud7fKg3dXVmbOn5uY6KjnHyxIev0HnY8qZeH3hSE:12MKlWQ7Sg3d4bOBSeY85
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2324 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2324 AcroRd32.exe 2324 AcroRd32.exe 2324 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f219a7c3cecc96f3a827ec1ed0503c8_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2324
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD534328d58e3e3eb944a37ad0478bdb769
SHA141a5caddb2c0b214e6195afbedc72be24ef81902
SHA256dd97c7023e959acddd87b152b93d4321645e11db135f05d360554d67e14bdb95
SHA5122908f71a93c1f6ae842f3b56a62eee2a0b839b45488da0c07d487d2b88a1a63333fa1eaf5751c411515e8023d745c342da0e4cc8417bf9714374ceac98f7046d