Analysis
- max time kernel: 119s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 21-04-2024 15:32
Behavioral task: behavioral1
- Sample: ff99093cfb8e070cb232a769dabca7d8_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: ff99093cfb8e070cb232a769dabca7d8_JaffaCakes118.pdf
- Resource: win10v2004-20240412-en
General
- Target: ff99093cfb8e070cb232a769dabca7d8_JaffaCakes118.pdf
- Size: 94KB
- MD5: ff99093cfb8e070cb232a769dabca7d8
- SHA1: 6228fbca6218e4c9acbc3f69b4f524e1dbc47877
- SHA256: b02d0526bb0009595a803672d169675c95de64ffef966bee951c26ab20be8d95
- SHA512: 04c24d8c01729dec7363808cfbbadf7c1b19ff4af5e4c864b1032b10a6a9e3aa5ac6781fdf73c2edc83a67d749471cbf71cc33553c9a2b40b36ac1f62f124ca0
- SSDEEP: 1536:egVq2H/7AXj3Za9swpJ+kB/eNTQBqiGv0omvoQ+XyDKWnn8sWalfHANa2M8cWW8U:17oZcsucyLGv0omvoQ+ut8GcDM8c17R/
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid   process
  1612  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid   process
  1612  AcroRd32.exe
  1612  AcroRd32.exe
  1612  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff99093cfb8e070cb232a769dabca7d8_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: b39fb5618eb1c72d64da54dea813de95
  SHA1: ca49499f717d8c2d66d6d53df87e32c9de0d96cf
  SHA256: 7d533c7d2db19e7df1565ed25f3f9e46d6258953437539902e0f62f6f6bc2c59
  SHA512: ef97929f200c5b373af955e2959f39f7b1d7a174f897c0c06a35e86cb342c85775b78bd2d3646fa3aadadc738b4397795f372f8ad6f56a798926cb589dd7a71c