Analysis
max time kernel
117s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
21-04-2024 18:31
Behavioral task
behavioral1
Sample
ffe74b2f264dc5ce7fa1b509f7eca4a1_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ffe74b2f264dc5ce7fa1b509f7eca4a1_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
Target
ffe74b2f264dc5ce7fa1b509f7eca4a1_JaffaCakes118.pdf
Size
79KB
MD5
ffe74b2f264dc5ce7fa1b509f7eca4a1
SHA1
87bf8fcfc7c05f517e95fa66c03d89827254818b
SHA256
a2a78d4ea9ccdf4e3d4fc1a138d8958c36def241bc4cc0a7005a46434cbf9ee6
SHA512
b45031b140c04b81db0103449f4e23a8bedaddd87a8cecf5527ddd3cbd3e5cd3358d8efdc63fd02948fceac8b2a1944fc8e3b1e90611fbabfae627b2baab7a37
SSDEEP
1536:kF1Ir9ZzhyUsY+NW+hHIAcz0e0Zi0V6aLQIWj+vqbRMCkNbWOpOaZaSkbOpi4wat:oa9N8eAeF0Zi0Vu+yVdkNMaZtkbgN
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid process
2032 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
Processes: AcroRd32.exe
pid process
2032 AcroRd32.exe
2032 AcroRd32.exe
2032 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe74b2f264dc5ce7fa1b509f7eca4a1_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2032
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
81a3c8a8322687fc4502d0db0129dad2
SHA1
f4eb3b117ced5cb078242a2a4e85b12a40bb0cf9
SHA256
9537e86072a777d5d5b50c9b3f98eab59202e3b0c6ef652e69c6f0e1ea191141
SHA512
cae994108448727d40fd63891a1309fbaef58e4898fb73e6b407b3f843832612ad8a8025276f50118c9351e081027d144e28197707b33340dda1b5a4920d8298