Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system -
submitted
21-04-2024 17:33
Behavioral task
behavioral1
Sample
ffcd3fd49ccb749a9fe8f8c487a61de9_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
ffcd3fd49ccb749a9fe8f8c487a61de9_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
ffcd3fd49ccb749a9fe8f8c487a61de9_JaffaCakes118.pdf
-
Size
75KB
-
MD5
ffcd3fd49ccb749a9fe8f8c487a61de9
-
SHA1
8ea4bacb4064874fe6b4da588e2798b0c7d7220c
-
SHA256
ae35ed48ee7500b0e23b8137de1d21902a8adf72b96181d209da68bd8a62c06d
-
SHA512
e37dae6923e36269ba94c317937d5e2feb40021ba819d96e0dd748160c570fa2950d4fe4c47c69a465e93cce5b48e3b0a1c9abbffb43cfc0de5fdfc1d72f648b
-
SSDEEP
1536:cddYgOT/dH10eIRN2Gfk70jvwEXjoQhkW9mbUluu2GlV6mu+RL:0dYZTlVwRNhkSoEXUQFYUhamu4
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
3068 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
3068 AcroRd32.exe
3068 AcroRd32.exe
3068 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffcd3fd49ccb749a9fe8f8c487a61de9_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
637c827f4409c2ae7fb7ba318ec6e309
SHA1
9f7b99834403f86849db7a3fc9e24a6847cb46c9
SHA256
c43903f9a535b5e972a5f24e0004a729d64dbb77ca89a0a18456e6f050d7324b
SHA512
5450b09d309acf868646ae7f5eb58db7013b39ac34762524968c17ab51beaf93b7d3f3657e740c407bb302104ef25c14ca4ec2a0ce0f44979d35af4e9166dd84