Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
submitted: 21-04-2024 18:28
Behavioral task
behavioral1
Sample
ffe5bf45a7352efb6350621df998bf83_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
ffe5bf45a7352efb6350621df998bf83_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
Target: ffe5bf45a7352efb6350621df998bf83_JaffaCakes118.pdf
Size: 74KB
MD5: ffe5bf45a7352efb6350621df998bf83
SHA1: 2c04eb87ef5732b4793a3b45a4f9605fdf2a0c18
SHA256: d3fed1a6071e7448a5a403c71c101ff651fb002c0e73275e46c428c9fa3f91f2
SHA512: 56a138123f9569256396e7dde3cf9aea3364ad330e47ac38b0cad28b57efc0800ab1f8553711d5dab8a9322c8f78679fe17f063a24aa47682e490297bc49ad1b
SSDEEP: 1536:x2IKY/rpfZHgFHVFY3/+mBJxD+yygiKnxLOuzqCdof44aUJuK7RGNfPt/zsj9:nKYtRHgtYvTBWCxLOufdog4au7MfF/z8
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid process
  2064 AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid process
  2064 AcroRd32.exe
  2064 AcroRd32.exe
  2064 AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe5bf45a7352efb6350621df998bf83_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2064
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: 29242754824efd8c37222a702315289e
  SHA1: 335926feee3ad7321dbc338c756b3165ea08f726
  SHA256: 17d92b7b359d98d2e9461c30bb85aadc25240febdd191ad7ba105e34dd608a3b
  SHA512: 621980f21e4075c5b68a8a9a4f4012f6a485c7ac89a61a72669afc3c76815f583952f9cd6370a0ab1b3398312831b221b8fdc81d893f5a47a3655f3dfbac59a2