Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 21-04-2024 17:55
Behavioral task: behavioral1
- Sample: ffd696923c91a81c6c8cdcb4d3bc8f4a_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: ffd696923c91a81c6c8cdcb4d3bc8f4a_JaffaCakes118.pdf
- Resource: win10v2004-20240412-en
General
- Target: ffd696923c91a81c6c8cdcb4d3bc8f4a_JaffaCakes118.pdf
- Size: 78KB
- MD5: ffd696923c91a81c6c8cdcb4d3bc8f4a
- SHA1: 8dbbfdd1477a4fae864c195cb1c4833eaf33c787
- SHA256: c05f7fa54c9df0e4433cf44fe97f06187dcd3c4ad591648c66cbd198f0a142ce
- SHA512: 26a181f2557c79ec28afa0f3b46be8d154035b9d62a6a744b32b2b4529ad56ba1082b35ce10b088b5134489a428baac60b2312c20f7c286507cbdfac76f0c7a7
- SSDEEP: 1536:IdtBZCCuv10QblIzhUsBnD4mOVT0ru3bgX4GduSGsRsrWGJZ0YWUpO9NAPtTB5O:WsCuv10Q5D6nY30XLIHZ079NEu
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid   process
  2240  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid   process
  2240  AcroRd32.exe
  2240  AcroRd32.exe
  2240  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffd696923c91a81c6c8cdcb4d3bc8f4a_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: b64cdb6a378c36429da5f352f0dae449
  SHA1: cdfe3ebdd8f87ff6ff761ae3378a850ad9ffd158
  SHA256: 82cbdb808b155b49f272bde8bb60efc0b7e41c42045024df7eec64908574b6d1
  SHA512: 5c64256e0e8c98bc3f3547dca9b34d9738a5302721e73bc5d8e249ea36a88938202131f5461a11a3b6596597501b2e202946ad01fe3cf9be03f64ca70a36e736