Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
11-06-2024 18:20
Behavioral task
behavioral1
Sample
9f1f2c35e55b767138966cc76df6ebdf_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f1f2c35e55b767138966cc76df6ebdf_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
9f1f2c35e55b767138966cc76df6ebdf_JaffaCakes118.pdf
-
Size
36KB
-
MD5
9f1f2c35e55b767138966cc76df6ebdf
-
SHA1
b9ef3f91308ae97e42eca0d3a292a87c5328b843
-
SHA256
0fccfb51d3133f91e978b7b3ed515c779dd4b15afb29e995a1d5636f44d1a813
-
SHA512
b68b2c4f6f6f59b25abe8cefad0e87faf1113827b07d1c577dd07aa6d6583098bf6ffb5854ba99334df1103291bab15d94d7cacaf4b9bceaacde392448a38e6b
-
SSDEEP
768:wgGzpD4pls/PJYjUEviuVVZ3pbPLge34Iy1DIMnRfR+bUS1OVs5:dGFUpwypbX4ZDIofYbUOOVs5
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
1440 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
1440 AcroRd32.exe
1440 AcroRd32.exe
1440 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f1f2c35e55b767138966cc76df6ebdf_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1440
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 2d4e0ff04d4f39ebcf8f50919ec4b879
SHA1 a331bff09e9547c76bdb876ee0544bb64e1e9afc
SHA256 d0c92098b5bc2c9684ce968dcd9449d6af44bd25066addfa7168f9b0dea164b8
SHA512 78edfbdbc1839fb15b892437d3e967374787478e1bdd44a828b50c68e7a844d994236d7d68e0666e1725c6c67ce65786331e357c89244375353359ba3a7178f5