Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
11-06-2024 19:17
Behavioral task
behavioral1
Sample
9f46fd7ea8226286c104970eaa47ecbe_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f46fd7ea8226286c104970eaa47ecbe_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
9f46fd7ea8226286c104970eaa47ecbe_JaffaCakes118.pdf
-
Size
38KB
-
MD5
9f46fd7ea8226286c104970eaa47ecbe
-
SHA1
212a182c25251397dead1fa7377e8d8a50de0a0a
-
SHA256
93009a50f2d08a7036bda652676719bec21c8453e9d48acd0cb78535b67b26c6
-
SHA512
c3afa1a814b03e88ea395003ab4755def386be8bfedde55bc59f9a192b200dd0a4c243b070947a716e16715c2f096d4e13de2f75096d4a91143288f6bddfe8c7
-
SSDEEP
768:UgGzpD7p+E7r6I5JmMAHfRpvXeBrK0bIUw985uDrWuoGpha6kmC5:hGFvp+5XUIU08InToU86kmC5
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1152 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1152 AcroRd32.exe 1152 AcroRd32.exe 1152 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f46fd7ea8226286c104970eaa47ecbe_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1152
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 211e436ca89d95709d88781b27ad2700
SHA1 882687c0c6c8b78cd6166151ed909cced565ebad
SHA256 d165807db888a005384f63462050a0cd6c882a78d972b32bdb3d8323a329d5be
SHA512 61887540667b10dfcb9d282fccad6abe8e566e245f3aedc77fad2702a322ff5f092e9dbab1035497e87ad0c1f82f60b4562af485e7bfcb8aaf61dfe26917f844