Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
11-06-2024 19:04
Behavioral task
behavioral1
Sample
9f3c3ce9bf3a3fc686f519ad658254db_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f3c3ce9bf3a3fc686f519ad658254db_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
9f3c3ce9bf3a3fc686f519ad658254db_JaffaCakes118.pdf
-
Size
48KB
-
MD5
9f3c3ce9bf3a3fc686f519ad658254db
-
SHA1
5839175a44cde8b34e4c427a41854c878efaad9f
-
SHA256
c3d82f8477fe1b598cee6d043343d13907639a4b4de1e1b1909e6b7dcf9653c2
-
SHA512
b3cfac01e7155ac6f78acc467196f59d8bfab5af5f30586e39ece3cee50b410f84751605f00f7201ecfb6846ca7d01cd1d55ae8b09a9406b123caa953de19b47
-
SSDEEP
768:FgGzpDyBVksi8ALfLyZ0Wap/dnixRhhyQEe5WEXBnxdotqPUQyurlJGhHh3h08MA:WGFmr+Az5TLotqMwTGhB3OvzPcZxX
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2224 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2224 AcroRd32.exe 2224 AcroRd32.exe 2224 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f3c3ce9bf3a3fc686f519ad658254db_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2224
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 4365c3b71681911f6214409625fbc0f9
SHA1 5d8229afcfdd6bd63a6b1951084afa580fb8e207
SHA256 cd18f388532105fa30abc1bb92e4676057dbbff6d0cf601bc4c5bc007c6f931f
SHA512 ada1613e33be5d868b0684264ffdae99cecd35cb44cf84d9bb4908a820547a94ba871b437a2d812c3d524e02bd29354d9b4e2aac8befd9931253ee43ab53ce75