Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system -
submitted
04-07-2024 23:08
Behavioral task
behavioral1
Sample
269135135201f00d55bbe9c94d07f2e7_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
269135135201f00d55bbe9c94d07f2e7_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
269135135201f00d55bbe9c94d07f2e7_JaffaCakes118.pdf
-
Size
12KB
-
MD5
269135135201f00d55bbe9c94d07f2e7
-
SHA1
f2a7370605ee402ef4157acbbc986b46f8a78551
-
SHA256
e95fd46e1607d238dc13e6b879a3b577000a19e32c3717c78ff5cc317301b670
-
SHA512
b7816e430e940727e3e90bbd05ca9c544bbe95b8bd9540c8427928b390144af550421bcb24d395650c3f6e0f98b20bd84291c2a1f0cf314d41e6534c7417c758
-
SSDEEP
384:wPz4ULMxLIKXHwSb/nIdtTgj9gyj6LRKKk0DwtmZEZJJpSVQCFjbkQZ:wb/uZXpsduzjSRKwH24QCFH
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1648 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 1648 AcroRd32.exe 1648 AcroRd32.exe 1648 AcroRd32.exe 1648 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\269135135201f00d55bbe9c94d07f2e7_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1648
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 d4e3321785cbfd652705c455882c09d7
SHA1 48825f9fd25599488a6a191c77d7838a035be83c
SHA256 f622621e143ef72b6ecf7442ff079b53106f89188d324c3a3a0ee33a2b021fb1
SHA512 016bd3d705a7b997e53fae91af8adebe7ae4c9c36ff581704f6c5c08e86338697870d05ddfb0cf4f154272a51320246ae046c4c860b794a7258ed73a1f0efe51