Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system -
submitted
11-06-2024 18:05
Behavioral task
behavioral1
Sample
9f1428a620d28b1cbf63ec709d4092f7_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
9f1428a620d28b1cbf63ec709d4092f7_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
9f1428a620d28b1cbf63ec709d4092f7_JaffaCakes118.pdf
-
Size
48KB
-
MD5
9f1428a620d28b1cbf63ec709d4092f7
-
SHA1
d802729119ad1b55f7fda86bf7e86dafd5d72a07
-
SHA256
66dc853f941676fb0a44d72f219186bcc162db5c3867aa81b9c04e65192e8cf0
-
SHA512
802ad471b9f6050aad2f76295e48dc6ac9f7e98ac50afd81de7b413cde1fd9693709ebd473406d53f6c13712352733b07667fef62040b97d43aaa345f6e69a1a
-
SSDEEP
768:7gGzpDMpgs0VeE/3pDdLHXZ8KMxkP5qsEswhSpzFjukc4dhh9EgG5P8WY7ZQPqnd:EGFIpgkUcs6cBBcg765P8WouPqnujC
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2392 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2392 AcroRd32.exe 2392 AcroRd32.exe 2392 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f1428a620d28b1cbf63ec709d4092f7_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2392
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5221feb75c6dba0255730d036c475907f
SHA1951d32c017cab7af0a983b7019fa1b3d829d40b3
SHA256e39c9c6b733cabf5c7fbb525f60ffabda24309ae5e7efdc4bd9685c78e9f9b19
SHA5125aadb5c8d7675cddd59f0fbb495da513e1ba3876c1fa2330bab2b5d6c1c620570bcb3ba0d1ff60c0b65b8c0755e8bf1c4bf76c880106ec73a4201b086ee59b5c