Analysis
max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
submitted
11-06-2024 19:16
Behavioral task
behavioral1
Sample
9f467ebbcaba16e4c3225f48995f8034_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
9f467ebbcaba16e4c3225f48995f8034_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
9f467ebbcaba16e4c3225f48995f8034_JaffaCakes118.pdf
-
Size
47KB
-
MD5
9f467ebbcaba16e4c3225f48995f8034
-
SHA1
f79647cacdef9af0054a7ce6d113a95cba0940a9
-
SHA256
a8e31cd709da782ae37a8d35968ad408ac8e42aab0a0fa8910c400fd9c898eb4
-
SHA512
d709539a4ca64b4332898b377d4c2d2191e28c0dcf0f1f162edb8e35e4124c684baab44c77c4b2c530e8f6db6c33977270a3010a130ddb6b27b52cbbce3e7113
-
SSDEEP
768:jgGzpDyBVksi8k0+1vhaNFUNVlvFEfqR05/L8gqApTYLhG+/CL8ch03FIyehJ3fP:cGFmMfFEcU4gTChwm1IykJP36ny
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2188 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2188 AcroRd32.exe
2188 AcroRd32.exe
2188 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f467ebbcaba16e4c3225f48995f8034_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2188
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
aa344474d3eddbe15e525a16ee9e85b3
SHA1
3d39d711b6d4018f3c4e1f683e555c6540515883
SHA256
36fbe6b266951a32e7f891ea06d05bcd5e12b1558ce05326be6cac7725566586
SHA512
583fd2434e3d2652b2bd1a4516e3d32da8e840510274bf1fd844fbf281a1e819f058803d40b580bebd1445daf4c3186209a9b0b2208db67d9c05842aefb3ba47