Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
11-06-2024 18:12
Behavioral task
behavioral1
Sample
9f198bb0e0231fbcd9b31eed694fbab1_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
9f198bb0e0231fbcd9b31eed694fbab1_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
9f198bb0e0231fbcd9b31eed694fbab1_JaffaCakes118.pdf
-
Size
37KB
-
MD5
9f198bb0e0231fbcd9b31eed694fbab1
-
SHA1
d48dc5741173f5d00bf9c278075ac816eca6b13c
-
SHA256
0999091d17bd3d83729ce40ce48440609969dff78f26ec7c0c32e7227176d2fa
-
SHA512
bd3978091d7e82e4357d5684a6f109f0965c07d9aa2a065ea72871038c2e2642ddefa0f8a5d4e5261467b8d598867d3cf04a0b251b8d82bd516b1c181dd804a0
-
SSDEEP
768:AgGzpDdplYLiyWK0R/NY+IhW5lryzQ2M4Ewr+MIhE9WqKJf3Oi:NGFJpbylhW5lryzdNhrLoEcnf+i
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid Process
2228 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx (3 IoCs)
pid Process
2228 AcroRd32.exe
2228 AcroRd32.exe
2228 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f198bb0e0231fbcd9b31eed694fbab1_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2228
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 38de369283698754e7abde9fc102fc8d
SHA1 405bc24e704cb69182170679800d98e8bfd8e3fe
SHA256 534451f629bdb04118866ccb93236788394fd607bed52b264fc27dd0b97ce788
SHA512 439f1056ab442367b2e9b3e2384bb8c7983a0c4111530111d3459f99266a1f5c1c03fd1d1c771d2af7369ab6a155d2ce43898423dae4cc345c91dc4ccf5fcfff