Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
11-06-2024 18:36
Behavioral task
behavioral1
Sample
9f29e1dde4d5f2b54bfd57c24d32124e_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f29e1dde4d5f2b54bfd57c24d32124e_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
9f29e1dde4d5f2b54bfd57c24d32124e_JaffaCakes118.pdf
-
Size
42KB
-
MD5
9f29e1dde4d5f2b54bfd57c24d32124e
-
SHA1
65fe69d21c80b16232703f6392223c940d5df7e3
-
SHA256
404e119a972bbc285e66032532491f32a0ffe64d7bcd375720c66eba0193fcef
-
SHA512
2f777f0ceb4b7cc0dd4b0afe70725eb036ef314852c2fb34467ba0cf27fb1f5e52a09fccb69dad4c9dc29a6d43fe4b01c338dc03166c3a258c716233192450a5
-
SSDEEP
768:ggGzpDdprLTIiEjAZdTkhdyQfCwUy82EqC2P2b8hMZHRvoocOKvWf7Mu:tGFJprfQjNmqCGwY2HRvRcOw67Mu
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1400 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1400 AcroRd32.exe 1400 AcroRd32.exe 1400 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f29e1dde4d5f2b54bfd57c24d32124e_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1400
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 a43e289f3c287cd50ff1ddf98f213ae0
SHA1 6fabe27af870bce641d49b1b46648dbd4cb8bfe4
SHA256 49b5e0bc295759835d38d7c05e89864551ab2ccb0bb3a1ec2ed0df4df8e6e02c
SHA512 6961b54c0861455f658c26d0fad586f706cafa6ca0730e5f40cfdeebe3bd57d243bf9d50620f7608e5d9ca63736434989b72107a082fe31b0f932bdb887b1c60