Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system -
submitted
21-04-2024 18:15
Behavioral task
behavioral1
Sample
ffdfb2b31f546ffdc2a1d1ac0c9efb74_JaffaCakes118.pdf
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
ffdfb2b31f546ffdc2a1d1ac0c9efb74_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
ffdfb2b31f546ffdc2a1d1ac0c9efb74_JaffaCakes118.pdf
-
Size
95KB
-
MD5
ffdfb2b31f546ffdc2a1d1ac0c9efb74
-
SHA1
e193eaf404ed9ab3eca82d98ba9a1f4fbbc635f1
-
SHA256
45cb9841c0cf2c388b557e575ada9c64226d660947942857b2ea7152c365a8c9
-
SHA512
2c4bc282da07ca99b8a9bc743406cedc9f86e64d1d4e14322694c09d62ec50089b7a64aa13df7e0d24119971c763c7969530d99b76fb08b2f501a0b6c3aab586
-
SSDEEP
1536:cBk9Vlt7RGcPBB/LCAKH85fIUZJpmdsil0VPPu6NH/1VXQ1ZteW+3dr225Lo+Q6T:2k9RouLCAL9kdmqZtVSdpm+GPEuVFq5V
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe: pid 1204, process AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe: pid 1204, process AcroRd32.exe (listed three times)
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffdfb2b31f546ffdc2a1d1ac0c9efb74_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
d5f70d8f2bb2919cce884c732bc23ceb
SHA1
e5dad83f218b1e4b09d6aa1978468476997cfee0
SHA256
37ae28fe28621a9d6af9cd9ad8d859e5f910b955fc341ea74b094060bdf82f20
SHA512
7fab1e13b3f083122d60294bf62ad24469241597a50bea73fdc24dcf21319270baf18b30b526f12ee192a1e0df2c0edde7ae2f6e8c99142ad604be44a27e7ce4