Analysis
max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted
21-04-2024 18:26
Behavioral task
behavioral1
Sample
ffe4b02a42bb6baa4fb02b3aeb8d0e23_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ffe4b02a42bb6baa4fb02b3aeb8d0e23_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
Target
ffe4b02a42bb6baa4fb02b3aeb8d0e23_JaffaCakes118.pdf
Size
83KB
MD5
ffe4b02a42bb6baa4fb02b3aeb8d0e23
SHA1
2f31afd545d4e3b4c5610364421c286fc93f889c
SHA256
3b879f4505f60f67d8aa1d7a469f16d6358f36ab09572885a5d82d6f3b12940e
SHA512
31d0f5785655faa774b6428f4d960efa7071e2b0e3971e99a2f806982fb79311d6e9f2e3410e30f0af4934834fe8b4feab6f48b021b20fcd965fdae6c375fbb3
SSDEEP
1536:VRxb5xBbwG5Anh2LDC3j3Em4hnaUz2SrjSVWGpOKCWvKSuF9tq+wbhDtC:J3d04LDC347hacNdKcnFq+w18
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam
1 IoCs
Processes:
AcroRd32.exe
pid process
2412 AcroRd32.exe
Suspicious use of SetWindowsHookEx
3 IoCs
Processes:
AcroRd32.exe
pid process
2412 AcroRd32.exe
2412 AcroRd32.exe
2412 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe4b02a42bb6baa4fb02b3aeb8d0e23_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2412
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
c8bc2b75a0dd7d96675f52bc985bb2c0
SHA1
ffdc527a8c706009daa4f2834fb34418b294a227
SHA256
1f22c44711affd614de77a7760b99d3d15b139029b4de508b9e1d5c77a6d3e9d
SHA512
e3bf291ea8ce40c66d204ae2e4a34dc1a6adea6db4517b12bcadab9c234b13462c5d517550ec39bbaab3ade8beaf029e2322906bdf4d1d53b6ab6dfa5db0e59b