Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
11-06-2024 20:50
Behavioral task
behavioral1
Sample
9f79be4957f3b283478cda0811bfd695_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f79be4957f3b283478cda0811bfd695_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
9f79be4957f3b283478cda0811bfd695_JaffaCakes118.pdf
-
Size
47KB
-
MD5
9f79be4957f3b283478cda0811bfd695
-
SHA1
f33dabb313790882f810decbb7ddb23b9978e618
-
SHA256
db5c199b99616a8b237bf5503dcbb06fa413455e0001dfecc1cbd2891ce41fdf
-
SHA512
b68d7e2e56c45b21eace0e464a48fe642536a4b121173f43a731e584329982ea49453e7e0fa15b3bcc9a6f3497275bc606f89bd0f44b3e3c5f563976916e042d
-
SSDEEP
768:VgGzpDDpmvWZe5e8XJ2RAWk2KIDwBwDUKQ231yGLzK19E2hRFHUZDxoZRwKzYP6n:GGFvpmsRlkBbbEAnHUZDazYP6Bc+
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1796 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1796 AcroRd32.exe 1796 AcroRd32.exe 1796 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f79be4957f3b283478cda0811bfd695_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1796
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
f80800d1ec158be1d0049170f53fe0de
SHA1
3d7f6e02ced38c5fd97228615475a43e4eca076c
SHA256
9499d2e7345eeaa05751d0a6a0ce3b6cc28c880be5d2951d1158644505e27aad
SHA512
0c705eee0ac9cd118f6ce8700603378b0271e99d88ed0f6faa9e380899698eb7ae0220372ab5d24656ce98a464066deafbe5f5f2d3c90a11c897663e05e57dad