Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system -
submitted
21-04-2024 17:11
Behavioral task
behavioral1
Sample
ffc3a8b46ebbf8276bd137f4e64a597c_JaffaCakes118.pdf
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
ffc3a8b46ebbf8276bd137f4e64a597c_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
ffc3a8b46ebbf8276bd137f4e64a597c_JaffaCakes118.pdf
-
Size
82KB
-
MD5
ffc3a8b46ebbf8276bd137f4e64a597c
-
SHA1
e9f934d69f747e69fc07887c0a28e1cb35e642d0
-
SHA256
773278805aeeee1a1c2c6a5f56598841c2bd31ebb75be85508391f8e8342583a
-
SHA512
6b3094fc3e5d88e43296c211c17dfc21ee89122feb6ad2061f785e81e3b3e486040fe8f00486e32bfad93117cc5b8371455d401eca18ece26d72a3f76845331d
-
SSDEEP
1536:2KMdBupjnJpxKUaH6AMgFNMMDAOZ7udttlWSp8dPqnnVAudwMOW4VOIACiYBiWxv:Wb8jJWVFrtAyqttctPoA9IINH3GJYP
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 1200 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 1200 AcroRd32.exe 1200 AcroRd32.exe 1200 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffc3a8b46ebbf8276bd137f4e64a597c_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD561eed2e06b8cf188a72351de1d4c3116
SHA164a5c1c1e573b013252ad29a59b3f5353d08e8b5
SHA256583cdc52f9a9cd15d7de22f2f254975a53574c6d9945f9a081ad488dae2e0650
SHA51209664fa905f2adae73590d3e32f8c3cf726d4131cc685a1397a0e53431780ed96a3347da6fb9757c2184a498fe904c56f737039f423a075c6f2c25ec8b1aec56