Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
21-04-2024 18:32
Behavioral task
behavioral1
Sample
ffe7d31f562f45d1a299211aabc0ecd2_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ffe7d31f562f45d1a299211aabc0ecd2_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
ffe7d31f562f45d1a299211aabc0ecd2_JaffaCakes118.pdf
-
Size
86KB
-
MD5
ffe7d31f562f45d1a299211aabc0ecd2
-
SHA1
399b1e4dd9e0ed338da4c5a992023cc86933815b
-
SHA256
855bd36ba1246de29816656408af849506089b31f2f143fa5c459c1ae351bbce
-
SHA512
89e4fab72b4182527f8319ddfd1fc31555020fbc36bd069e6b96aff9e0da1a66ea6e2345357cdc5d8790a537844aba21d1a8e9dcec29bb55be8100e2dbe00208
-
SSDEEP
1536:pZ85hZ34LMCkPOT8BIwMa8pZlNFRF7uWypOlZWxyckaWJ3fm5pjNPvDQG8J:64FYB2lZl+yckbm3jNPvDM
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
888 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
888 AcroRd32.exe
888 AcroRd32.exe
888 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe7d31f562f45d1a299211aabc0ecd2_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:888
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
f1543a17bda8358a03e4783e32347849
SHA1
6048ff104bf25855bbf594adc4983abb885abe6c
SHA256
96b3e5d09b020da0ac4a3fc369674243adf9a9a5c26b04119396625f76af4f78
SHA512
929d48f0033fe39682e93cac5f322153cb6b09508cc643f6410fc55b462fbd0b5d3d698acdf2333e4f66b2815b8b1564114fdf2f25d718ae1436e89f1cf8194e