Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 11-06-2024 18:42
Behavioral task: behavioral1
Sample: 9f2f08e06f1e593e9e13a85e15108d5c_JaffaCakes118.pdf
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 9f2f08e06f1e593e9e13a85e15108d5c_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: 9f2f08e06f1e593e9e13a85e15108d5c_JaffaCakes118.pdf
Size: 16KB
MD5: 9f2f08e06f1e593e9e13a85e15108d5c
SHA1: 186a2bb2fb5d2061251fd40105657adc17caafb5
SHA256: d6018e60051f0bee42d27302a23c79ba6dbbb6c8fae2f28b3a6ec288cc04a1cb
SHA512: 5fdf2c46fe6fd17b61a77aa59ae75f8e15291f43f6ba473e10b014f4d13089d2af0615ec317d226c5c16c7643ee276b43dbf73e11d14c0d953edb64131671a16
SSDEEP: 384:VzPB1zsZ1z1N32HeM8ulaDPuBtYuWrrsLUdoLEr8cWsjgeQKbmnC8fQl9t:VzPLO1z10HeM8caDPuBtYuWrrsLUdoLQ
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid Process
2220 AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid Process
2220 AcroRd32.exe
2220 AcroRd32.exe
2220 AcroRd32.exe
2220 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f2f08e06f1e593e9e13a85e15108d5c_JaffaCakes118.pdf"
PID: 2220
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 49f5449bdf9aa8b64c6b9c23586780b4
SHA1: e2c89bca5340ec3d158bad71da6dbcd6db4223cd
SHA256: a69badc96691219861f02a1a30f33486680eccdab563baf4e12fad3931e99031
SHA512: 1d8752e5e74544705e58c542a05f820453ffb817dcbc0324d59ea70b607a26aa08d81ac917017a67ec04d03865acc25a075216b64e3ccd9d6310442bed795510