Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system -
submitted
05-07-2024 23:48
Behavioral task
behavioral1
Sample
27364ef5c4f15047a4f3b987af3a1aa2_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
27364ef5c4f15047a4f3b987af3a1aa2_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
27364ef5c4f15047a4f3b987af3a1aa2_JaffaCakes118.pdf
-
Size
18KB
-
MD5
27364ef5c4f15047a4f3b987af3a1aa2
-
SHA1
6642a7e31f8081841e17f9290c352cc7ae1b5653
-
SHA256
8a49522ca800bda772604c5a4968c50cf9e143b1fa4032b290b83c3318c9ebe4
-
SHA512
daafc73190a9606406f69d7bf4841e5d909da646bce0e5b3adefc7c57c7921bf6c9e933bd89ce40e9e9de6ade91927f56a1c31e1bee5238be2cf99bee602635d
-
SSDEEP
384:7PV1xV5//bQRL6W5zEfGEXN65UhcU3vowH5N4sAnerTBaumGhHHGGYA:pV5//YLe/NQU3vdNpAner1aumGxl
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2276 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2276 AcroRd32.exe
2276 AcroRd32.exe
2276 AcroRd32.exe
2276 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\27364ef5c4f15047a4f3b987af3a1aa2_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2276
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
c58c04a33c244958891701b46f36f3cd
SHA1
ccfdb181b1e1fd21c459ec958902f4b6364a76f8
SHA256
809c8cecda2b3dc353e302513c06b582c9c9334618fcdf29b3d47e3ae82cdd63
SHA512
abe213b0eab9cb45a03589c9fa0d389bb4c799ac43614d8726274fe3e1f1437499f2475535cf5fa9ca10898c5ed36bbb3a09b8fb5771e77c2358bf91d446a3f8