Analysis
max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240220-en
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
submitted
21-04-2024 17:42
Behavioral task
behavioral1
Sample
ffd07847cb0dc8702c4578608c4179d6_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
ffd07847cb0dc8702c4578608c4179d6_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
Target
ffd07847cb0dc8702c4578608c4179d6_JaffaCakes118.pdf
Size
106KB
MD5
ffd07847cb0dc8702c4578608c4179d6
SHA1
a28c2414a36bd3fe613a599ea2dac9d6b473dd48
SHA256
4b6a83aec6eebbb01913fb560db6a5bb93c46ab12d16ddee2bb50b9b6adf6dcc
SHA512
798811264ff3066e22f92f8f3bdb7032e0fa961222b6e58371e141acf6586b0955c6ac1458059bcedf92392aea40333d07c3627ee8f25718720eb7b1d3c5f4b5
SSDEEP
3072:qMu3U7ZLJ+kIQEkQ4em9Xt5aY7cVOJKwfs9ReOUrZ:M3pkIQP139XF7cKORu
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid process
2064 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
Processes: AcroRd32.exe
pid process
2064 AcroRd32.exe
2064 AcroRd32.exe
2064 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffd07847cb0dc8702c4578608c4179d6_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
eaa58b0094d7cec664b3512d6ab4c132
SHA1
cd11cc0b7944d6df8ffd4763677f6318e13ef8ed
SHA256
f8f3979efd90d60c9d8ae62c944c162d45e0641420475fc0fe9d0370b9fbd7fd
SHA512
39cabf9b2fdd5eb19de281b4207c34965f0afe6e26cddad9fd85ba5a49d71a3916f6d8bd5e0e2349f55515d0482678349c83cf77604741e63c83e112e358358e