Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
11-06-2024 18:49
Behavioral task
behavioral1
Sample
9f33644dea8e670562024642180b3d41_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f33644dea8e670562024642180b3d41_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
9f33644dea8e670562024642180b3d41_JaffaCakes118.pdf
-
Size
49KB
-
MD5
9f33644dea8e670562024642180b3d41
-
SHA1
ab389ce5ab09fb5d70cc8095b96076c1203fb344
-
SHA256
d3540b1c12d93f6614aa4e6a1da4a35278b1d7779c87a7c01fdf8118e9e5805b
-
SHA512
6c3219cf9f7cc766c61514e72d355c26ba0907666431b2c5780a8b75c5eb117950ca654df241337c593b859db88527defa7b589b67f9a71225d36afb1b991c4a
-
SSDEEP
1536:UGFQpeQAukn0pnl+wwmCNByGm6XxVKfy6BOCpQ6:hFQpeWFQCpBOCH
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2324 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2324 AcroRd32.exe
2324 AcroRd32.exe
2324 AcroRd32.exe
2324 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f33644dea8e670562024642180b3d41_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2324
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
1723f4c34607f703ac2263360ecc9c7b
SHA1
b5e3c9b76fbdf4e7fb8ffb32a1e37ec51b2fac39
SHA256
06d25f1980251bfd0d679d33a9451e680486b171ff1e59afa0d859fb12b19a16
SHA512
4422ad7cb8669e450cd814e8ec4c8769ebec9c3563bdd905a9f8556d5aa4517d2acbc903bf61a0b316c26309dc13df011c6c6e53d74ddc7712f9e3104f13cbd9