Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
24-06-2024 11:58
Behavioral task
behavioral1
Sample
085f2a9526cbccc6179a4f9070faad26_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
085f2a9526cbccc6179a4f9070faad26_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
085f2a9526cbccc6179a4f9070faad26_JaffaCakes118.pdf
-
Size
8KB
-
MD5
085f2a9526cbccc6179a4f9070faad26
-
SHA1
e690c48317315d103a3e76ff81bd0744dd668ba5
-
SHA256
91e903e24a7c7ac18bc71a8b5d6884c7d3bb65930875ba4afe3d52da5fd86601
-
SHA512
29b5923441b062b7967ae4d27255b310bdc312f7ff7dd452a9220952d576ad9229715eecaa587974de44c1e84aaeb2cf372c364bc327f5af470d1c899ddb3351
-
SSDEEP
192:bP5uFm4k+jRSWT7h/m7daP2SVPAYyPUtSZ4pNYl:bP5uFm4kMQWT7QU2S3yPUt5Yl
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1796 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exe
pid process
1796 AcroRd32.exe
1796 AcroRd32.exe
1796 AcroRd32.exe
1796 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\085f2a9526cbccc6179a4f9070faad26_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1796
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
91b915f35a1f15cf812ceb47838c6226
SHA1
fcddcac4a1f2daf965b3a0da68d59138e70a70f6
SHA256
e3bd431d92c5e7be66794ff6b11a5be73fb9643d1a3b80e045ec59f716b8c4df
SHA512
8907a1b6da828ab824d4d282dc24be3a79c9aba4128229aa26bdd04a9b831117e51f64e8f5b1ef4f648dd1c6b96dda5afdc37458d52d2e37450a6f5f4323c18e