Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system -
submitted
04-07-2024 23:21
Behavioral task
behavioral1
Sample
269bbf17693ce6c122fc4f3e5228ff50_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
269bbf17693ce6c122fc4f3e5228ff50_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
269bbf17693ce6c122fc4f3e5228ff50_JaffaCakes118.pdf
-
Size
16KB
-
MD5
269bbf17693ce6c122fc4f3e5228ff50
-
SHA1
91c4a76e54df10bdf11f4f0c47af9b743ecf962f
-
SHA256
264e4d3a0bf0e2c055156eafddb560e6edaf1858db4d71c2a8c611b55d5aa2d0
-
SHA512
5c055978fcb2805bbfbfbfd28f5e0b3e51b6e66cc08799a0722fbae69be478c2b2e4328218ccd5d9ac1dad9e1721f24843684c4cca7ca7295acce2bd538a6a3f
-
SSDEEP
384:vPV1T1MwzrXXycuDiTy5RCumgziPDKMp0mXE26kNGGY3:nvCxem4D1X963
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
1700 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
1700 AcroRd32.exe
1700 AcroRd32.exe
1700 AcroRd32.exe
1700 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\269bbf17693ce6c122fc4f3e5228ff50_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1700
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
49f31029fae53972df2c74be831f6497
SHA1
528c0e4408695ea9dfdd43b2a1b3fe763ae102c7
SHA256
c03a28f475b33a1c23b06aa36d537caf9f4590ae4c643752153389ce6b132e1c
SHA512
47b4c364865ce4fb8f078cb20c9900a13cc8b69d95d9096deaba40892650e3b5ae148ebd9322c622494503fde012e5daaa9f2c013721454c3bf759be6c85c873