Analysis
- max time kernel: 119s
- max time network: 121s
- platform: windows7_x64
- resource: win7-20240220-en
- resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
- submitted: 21-04-2024 18:11
Behavioral task: behavioral1
- Sample: ffdcfc7f8932ed87a9f26d79ab5914d3_JaffaCakes118.pdf
- Resource: win7-20240220-en
Behavioral task: behavioral2
- Sample: ffdcfc7f8932ed87a9f26d79ab5914d3_JaffaCakes118.pdf
- Resource: win10v2004-20240412-en
General
- Target: ffdcfc7f8932ed87a9f26d79ab5914d3_JaffaCakes118.pdf
- Size: 43KB
- MD5: ffdcfc7f8932ed87a9f26d79ab5914d3
- SHA1: 37d79ef237f4941b734b09a8fbac52f071a954c4
- SHA256: 3a71660151b6caa879c571683832613fd909630f1fedbaa87c69c908b7794095
- SHA512: a7cc3a26aab5a3dc79cf4f460229cce0ee54e5064b7db59d6c2580d7a1e1a3d7b4f551c9dea038e0b5db8270ecc2cf11c263a7ba8db326376a79ba332f5f4db3
- SSDEEP: 768:MgGzpDVGWw14LOwQNoRNrb40ZhivBxi6ygGvFQmxOVQ:JGFJGxTw/z4iSqFTOVQ
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid   process
  2960  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid   process
  2960  AcroRd32.exe
  2960  AcroRd32.exe
  2960  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffdcfc7f8932ed87a9f26d79ab5914d3_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2960
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: d05657b76e51ee466a51cb444d8401c4
  SHA1: 0e434244c12c26aab41731de8d39abd862b18ad4
  SHA256: daa0fb0a12b4e5e7c196ccd0ac5c19f56dbc4e55657473e7b716ccf3e6cadd13
  SHA512: 44946242136ef45cd885db1fa2c01faa0c7613a711483cafd4e77180051271b7288aa767e3ac1b01446fec8c740581d885ff39faa915ce0884272dd09681be24