Analysis
- max time kernel: 121s
- max time network: 121s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 11-06-2024 18:54
Behavioral task
behavioral1
Sample
9f369e64c5013474e2ab637d13b6f64c_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f369e64c5013474e2ab637d13b6f64c_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
- Target: 9f369e64c5013474e2ab637d13b6f64c_JaffaCakes118.pdf
- Size: 20KB
- MD5: 9f369e64c5013474e2ab637d13b6f64c
- SHA1: 58fb6dd77cc514f45e825ba0b42da8d469221be8
- SHA256: 860a88c8285e1c0d80d7dc482604b81bcaaba871b45d3896144a307c483ea334
- SHA512: f9bb9185cfa201847baca2f62a2e0db9a25ae75b94edabf452a68815a42fd79b01bb5980f7d77ea38fda55fd16c51fe9c41536e08d5741b991025f77984644ec
- SSDEEP: 384:VzBdmFHxjz1blIYpp4cxppvcr00DZ0nWAt5lxca46g2UASglXlkcKdD2gAfIXmE1:VzBAdxjz1bqY3336b6WK5lPG2fTl1BKd
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2124, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2124, Process AcroRd32.exe
  pid 2124, Process AcroRd32.exe
  pid 2124, Process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f369e64c5013474e2ab637d13b6f64c_JaffaCakes118.pdf"
  PID: 2124
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: b709b32c11f5b6096a6d5219da538693
- SHA1: d3f13de5925abcdc2f7f0742060e16718d1ec9a6
- SHA256: 10fe7824bce77b4d15ec0956aef8835100f840b7023137f5b21cab2d859c9c33
- SHA512: 011648be90773f9e47516eede4b1f4ab046231c2d9ae561288f5cf3f90124058e9499210f6b6c4f9e9da076763b5b5143efd48d3299982a8c1926b485ecbccde