Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
11-06-2024 18:10
Behavioral task
behavioral1
Sample
9f17d6a8f3a69d5e942fec61e226df2d_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
9f17d6a8f3a69d5e942fec61e226df2d_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
9f17d6a8f3a69d5e942fec61e226df2d_JaffaCakes118.pdf
-
Size
183KB
-
MD5
9f17d6a8f3a69d5e942fec61e226df2d
-
SHA1
c611fc043afdac31e7e0bb67e7521e320d0105ef
-
SHA256
ff2b7d80a94836b4c7e024905621c07d9e5a31941085b80648621682182f3ece
-
SHA512
7c686b8194b7b02f1392bb2c82bf4f17bd9e34fbd6fd4fd57755a1eaf6e0789162de39b0c7e380975d775995c5f85041dd168d2266684e3ce9d620a9afea7335
-
SSDEEP
3072:A2irbxzGAFYDMxud7fKg3dXVmbOn5uk6Kjnz/B7r7IBNY/QzmU9Sl:A2MKlWQ7Sg3d4bO5pILYD
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2116 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2116 AcroRd32.exe
2116 AcroRd32.exe
2116 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f17d6a8f3a69d5e942fec61e226df2d_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2116
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 f0bd31332dab0a76bf064b3ba93bbb11
SHA1 09b374df1f23066e2afa7c3190f7ac4716e4fe8d
SHA256 4fcbc2cf97db504744032611453df78bb32257f3c6de711a9570eab478e9e2d6
SHA512 c9dc8b8b00f40e10f098eec44c7039233acd0df165346f8c41b50902455c51e750c2714498fb2439befa87395d4edc02fe0605fb757ddbe059edec22500b965e