Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
submitted: 11-06-2024 18:19
Behavioral task
behavioral1
Sample
9f1e0b28122e11cccb1ae9bcb5f8c395_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
9f1e0b28122e11cccb1ae9bcb5f8c395_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
9f1e0b28122e11cccb1ae9bcb5f8c395_JaffaCakes118.pdf
-
Size
44KB
-
MD5
9f1e0b28122e11cccb1ae9bcb5f8c395
-
SHA1
1c9b4d283c9b37825e6897e516a4c81fed1fec21
-
SHA256
3a9afc0ea5678b3d02234faeb8061e4184777b8289ecb5cc12ffe49be27fbcbe
-
SHA512
8947b22b308e8ce54c013993c5ae7b149f79518a15d44fa50f438700230c248328b29f85fc2aa67c3bfa2144bce0348e57739130db2727087046399e08f7c50b
-
SSDEEP
768:wV94ktWRuan5xkngciEZQH6It9yj+jDNyW/69bZ0Z+CCXhO1kU8NPUvyHfB5E5/N:w/QMan5xkngciEZQH6It9yj+jDMW/69O
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid   Process
2548  AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid   Process
2548  AcroRd32.exe
2548  AcroRd32.exe
2548  AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f1e0b28122e11cccb1ae9bcb5f8c395_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2548
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
cb6022f2c62342d624cc2a10ed6c5b0c
SHA1
91e6288741c9a5bfe570265bb066fefff3b669d5
SHA256
216f6c4ffb81c305a59119e2e8d1027934cb2767fd4c469780f087a53a3e52cd
SHA512
22196f7663baf3ef8a10a5f202e50a1101b7c76c49db3dd6e46578699066ff9147cd0729a2272e1f151141029349203baea6a91b43d11be57e6d6eb2e295189c