Analysis
- max time kernel: 118s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 04-07-2024 21:19
Behavioral task
behavioral1
Sample
263f8af2f9fa8e69bc5aaf73c11d7913_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
263f8af2f9fa8e69bc5aaf73c11d7913_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
- Target: 263f8af2f9fa8e69bc5aaf73c11d7913_JaffaCakes118.pdf
- Size: 9KB
- MD5: 263f8af2f9fa8e69bc5aaf73c11d7913
- SHA1: 4176d7ab5f5935ec2c84c10b415ac62b60a66c9b
- SHA256: c714d8f97ddc99d30955878ac8b199316456afaf9de4f39f3ef40088f2fe2364
- SHA512: caf4dd8df4d096d9c7a5f17852eeccd8b6faf42e0f7cf1d17f4dd9d6f53ba91bcca32ed646dd30eb925bbe191960d4fd1181b6fd904b4b3746da774b0f9322a7
- SSDEEP: 192:yPz4ULMxLIKXHsfyxpz0jJDBh3Oe++SmXEIN0rT/IujUNLyKOMlzzX2e8KRhGz75:yPz4ULMxLIKXHsfCAD/PsrTAuuLTzzXs
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2052, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  pid 2052, process AcroRd32.exe (listed 4 times)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\263f8af2f9fa8e69bc5aaf73c11d7913_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2052
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: 33e6a795fc6304a6ba07486d0ca86fe0
- SHA1: 1008f6679292843778f3e82c9a2956af90db9cb9
- SHA256: 423c55cd2cce6cb2d0bfe49df154e1e3c25a3d614a4ec936d34b9188dc4cf43a
- SHA512: 10f09212031dca707731c3fd7e62df970097da88dd7da70f515d048dbc13ae8d68e25d872809f665e5114dadfdeac4659e145febae1e737b4c8014b2f34d5780