Analysis
max time kernel: 120s
max time network: 124s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 21-04-2024 18:06
Behavioral task: behavioral1
Sample: ffdb6084b406f3f460100032a5b3193e_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ffdb6084b406f3f460100032a5b3193e_JaffaCakes118.pdf
Resource: win10v2004-20240226-en
General
Target: ffdb6084b406f3f460100032a5b3193e_JaffaCakes118.pdf
Size: 44KB
MD5: ffdb6084b406f3f460100032a5b3193e
SHA1: 1f1f86100d0a257c7fa21dede238e76a0d89519d
SHA256: 4deb034d791e79061d30dc584c52c015a6435e52f2f9c6bb2d2e2f9564c69405
SHA512: 9becfb6aac0135a85c242efe81c344cd17352d0d147eb4dd3662b46b819429d141a33f43662deb446884a14fcc53012e4bdf030fe6c1ae59ad9fc77857259efb
SSDEEP: 768:IlTKwMa5i3DlaAvmRr80bddLbstKqbZzD3/yMOg+5lWIpvLGjfIY0/eyVBEjtvHx:INbMRc4M6OgUWIgjfX0/eaENH3ek
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid 1432, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
Processes: AcroRd32.exe
pid 1432, process AcroRd32.exe
pid 1432, process AcroRd32.exe
pid 1432, process AcroRd32.exe
pid 1432, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffdb6084b406f3f460100032a5b3193e_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize: 3KB
MD5: 008eaea1bfedad4fddf81e3916d3a835
SHA1: ccc21319f8b290701a04a70a170080bf4781ea5c
SHA256: 6d5d4339c6cda84e7afde35a6e6c246cbe55f189b6a37bc483f05bea2f02a1e0
SHA512: 50843f63e34508d328a14fa383f5b63142df8cdfaca02109ca4a6a79389f8e793a49a4c157f6016e4e8583bd1ee4065cd8805723e4edd8e05daea74149acac67