Analysis
-
max time kernel
120s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system -
submitted
21-04-2024 17:06
Behavioral task
behavioral1
Sample
ffc1fc7998d3317196101cb4b86edb46_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
ffc1fc7998d3317196101cb4b86edb46_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
ffc1fc7998d3317196101cb4b86edb46_JaffaCakes118.pdf
-
Size
89KB
-
MD5
ffc1fc7998d3317196101cb4b86edb46
-
SHA1
fde793b441ba2f5f853c6ad57a9563ba43ae612e
-
SHA256
67576536ad273281c43d654eebd34f942f7a5510e3c832a3e4e4181e3cea7650
-
SHA512
27766a8a8bd1f312d58bd35d340ea5ccd44c85251d62180f8d46b1977f2f3c29a10c58a8141006cd6abc5c3300f2d8337cd95935bb32ff6264be97e961ccbce9
-
SSDEEP
1536:R5ahqtPIGrGotZqNjXgEPVm3mjFjCYnO2kU9AvjWoDF6eXbHqTD7W+KhqFogXBHj:H7PQ+GDgemWjFuE9Av6MF6gHqTDtKhqd
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2292 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2292 AcroRd32.exe
2292 AcroRd32.exe
2292 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffc1fc7998d3317196101cb4b86edb46_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
610bd7a1e129f7a1827589ad5326647f
SHA1
eb799c17d9dbfc7646d1ab3361b003e52b89cf75
SHA256
bfa6fe497fe656b039c1319e8b3da707c0cbef233877f2f955532aef411ce861
SHA512
0e1a951a3aca686f42453f2584546b7e9164328db222862781fe489e6b592a8f42dcaf43dd608be0fb23c1d5daa3e850d6d91f427ce60b25e7ebc907d68748c7