Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
24-06-2024 12:52
Behavioral task
behavioral1
Sample
089c77e08df54c079b4bf77e90e03743_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
089c77e08df54c079b4bf77e90e03743_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
089c77e08df54c079b4bf77e90e03743_JaffaCakes118.pdf
-
Size
8KB
-
MD5
089c77e08df54c079b4bf77e90e03743
-
SHA1
7f7bbdf258af84239f3452f7b3d450d3799f6c63
-
SHA256
b6d0bbe15f2941b663f228b801c452677700ee275762aa91d04f006c1e6710c9
-
SHA512
b9c512b4a5e64bae6e517e371f3dd2c68c3c15bdcd352ecedf5a08489dff47876498df77af05b99bb49a2dcf86508c05d3f7a0c13db4909d679e8bb26621fd11
-
SSDEEP
192:gP5u7kLs/CP/VZnpaJeEuPLKqrMpKK3ZtGIItQzV+zXuyykYO:gP5u7kLsaP//npseJPLK24ZtYteLfkYO
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe (pid 2896, process AcroRd32.exe) -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exe (pid / process): 2896 AcroRd32.exe, 2896 AcroRd32.exe, 2896 AcroRd32.exe, 2896 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\089c77e08df54c079b4bf77e90e03743_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2896
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 c6a1ccbb5b26c6c8be9c54394e122b3c
SHA1 693b3a223adb0dd77bf6f7b27f3fe7946200511f
SHA256 64b06a05466be9f554f5945e0e10d9df5a5bae02e8b45d6c4adbd1eeb7678e1c
SHA512 38da0873cf2f99ac0407017297c1b7a6536bac8358bd244d200441a62eb4d9b32f89163c0b6a2388008fee736dd36d2b606d78638b23a34404c0ae226e2d5e5a