Analysis
-
max time kernel
117s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
21-04-2024 18:35
Behavioral task
behavioral1
Sample
ffe8e76b8c701ab0f4af3372300420fc_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ffe8e76b8c701ab0f4af3372300420fc_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
ffe8e76b8c701ab0f4af3372300420fc_JaffaCakes118.pdf
-
Size
86KB
-
MD5
ffe8e76b8c701ab0f4af3372300420fc
-
SHA1
0fd4b8d1b9895732810c1ec9221487f8aae8e69e
-
SHA256
833cd64d343f8062828c71683729efdeef1b777f95eccf7b41c9410378af1a83
-
SHA512
60e20121ac5f7882e265387e72e3f7d9cf7546781b3065d8528d0a5fb2895456e86fdb169d747117eb779eccec6652f7d4cd6db70820b4ebca82e5b7d6449f1b
-
SSDEEP
1536:iqUQiggqu7FfwSIb1J8ke2PrG1R6z2B8IhQBZJhaQYWYpO2+WbmFkO5PHLDE/BFF:PUzFLpf7sr8ke2qX6zc8ImZJd2Ym6PHO
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 3000 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 3000 AcroRd32.exe 3000 AcroRd32.exe 3000 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe8e76b8c701ab0f4af3372300420fc_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3000
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD542c8d992abd402af3ccf5fb9f642b510
SHA1d6d3d26320a1f1372f263734cfe00ba19b807943
SHA2564d48e31361859b0435821c97364fd93e80474ff7a86ebd328735eba41b0166d6
SHA512c37f7794ff3e69559fcccfe1983d0dad1de31c73e023ee5adfa923e5250cc9668b7052da5da0213a11508f05a08c2bd5ed3d58dc6f98c764dc2f0b0758aea456