Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 04-07-2024 19:36
Behavioral task
behavioral1
Sample
2601c68afbda1f3a08d770fa1ed00ac6_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2601c68afbda1f3a08d770fa1ed00ac6_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
Target: 2601c68afbda1f3a08d770fa1ed00ac6_JaffaCakes118.pdf
Size: 9KB
MD5: 2601c68afbda1f3a08d770fa1ed00ac6
SHA1: 10cd3e999d848c78859889fd962bea9b1a232055
SHA256: 44073332ff4df7cebff8f38fb0be9a6fbad5a989562a78ae8cefa7a04c8ca292
SHA512: 23b1b8d1f388db60788ed85233ce6a70e8f399f13966be2ff1e57e4735d7f771612f7e7b51f8c7f69ee2ba1f6cd1334c00d7210b730e51e2b12d4ef282e21d2b
SSDEEP: 192:TPz4ULMxLIKXHsfyxC5hxlA4ZGBDaUVGVdp8Ba6HhIfjUhgqYve3V1z23m6kCy:TPz4ULMxLIKXHsfCkxLGBDTGVLF8/PFV
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2080  AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid   Process
2080  AcroRd32.exe
2080  AcroRd32.exe
2080  AcroRd32.exe
2080  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2601c68afbda1f3a08d770fa1ed00ac6_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2080
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: f5596d75d15c9c0f4bcba16def0d078b
SHA1: 3fb8884bff34b6e53271c41c477bf487a445f6de
SHA256: 894d8d8ed62a3817f65db5e3e7390147254b1cc9933bab449e543a3544b486cc
SHA512: b7608a320abe8d7d8e76b00fdbf72189fb9b17ec0600584f91870049147503da5bab76c8e7efd9228a8d01d457b0e2c5d9e6a3810297e313f53e8fea27663518