Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
11-06-2024 17:43
Behavioral task
behavioral1
Sample
9f05e42f8528fd0cdc8c8130ddc4405f_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
9f05e42f8528fd0cdc8c8130ddc4405f_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
9f05e42f8528fd0cdc8c8130ddc4405f_JaffaCakes118.pdf
-
Size
184KB
-
MD5
9f05e42f8528fd0cdc8c8130ddc4405f
-
SHA1
11adbb0f820a295a777df9e7ba338853e9624fce
-
SHA256
8dcec80ad09765cfdbf5d83fe9e62afc7b917c27f4d5aebe7ecf27749afae62b
-
SHA512
03ce353e1e22643d7f97031c78aaac0e9c358b2a41a53cc474dc17eb485b2c8a5d79f42970ee668b0dc750c37b18a9541789c223429ceecb6e2b6c7ae2ab0489
-
SSDEEP
3072:sg2irbxzGAFYDMxud7fKg3dXVmbOn5u46KjnHTGCTbnvmfM4T68SM:t2MKlWQ7Sg3d4bOZzGcqMU
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2244 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2244 AcroRd32.exe
2244 AcroRd32.exe
2244 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f05e42f8528fd0cdc8c8130ddc4405f_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2244
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
21d7e4b03fdafdbf068496916fb87c36
SHA1
4ae0dc85c0a6de0a69ef548f0ed6d9121b2c7b88
SHA256
6e63b7f642fa3538b5f24530d87a72dfbcbd409df7113d79983491867dd5d1c7
SHA512
5713b9a73210e8c36be6de700ca3a964577eac871fc986ff2e294954366968a855d8912d55f93d074801f7e7ac3474c60f1265e6c3808b26b8cb817b7aae17b1