Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
11-06-2024 18:40
Behavioral task
behavioral1
Sample
9f2cffe6fe6f439e7d3c56a23d2033cb_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f2cffe6fe6f439e7d3c56a23d2033cb_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
9f2cffe6fe6f439e7d3c56a23d2033cb_JaffaCakes118.pdf
-
Size
34KB
-
MD5
9f2cffe6fe6f439e7d3c56a23d2033cb
-
SHA1
5ade909faf2023f579d78c14eab1d71801cf23d3
-
SHA256
4109f59b9a74589861f32df2e0c5acda3ee4f64831bec44175707b277f432bff
-
SHA512
4ae7e4042d79a9748fd07f18a97433898e2d96568e54654d5e60a8adefe0bc3c0572f992ca053a0c5b1cb2025f77b6a1dfc9b5e9c477a17117dd04a7c4e86060
-
SSDEEP
768:SXuMZmwgCLWarrhXJnPAVYWlkEfkinC1Jzk2aUV5EEb:SXFZmGWSZJRWlkwkinC11n5EEb
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1948 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1948 AcroRd32.exe 1948 AcroRd32.exe 1948 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f2cffe6fe6f439e7d3c56a23d2033cb_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1948
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5aa38355b9e3ea9557e57d25cc7c0b3e1
SHA161d2c9218e59331d6a95ed59b3b8c08e15f10433
SHA2569c0e8ec34896e2587d5b87e0b216cc0c956bbb1ce220e321718321848b9fcdef
SHA512a8df686fd7481fd625940f82f15401ebc8b6a37b8400ae39ac1853bab2588c9e97459cf7b867edcadd2dc227a4ae1dff1adb9decaca71e584cba8b74b99b5f32