Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system -
submitted
21-04-2024 18:17
Behavioral task
behavioral1
Sample
ffe0130abc89dd399eea018d55068619_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
ffe0130abc89dd399eea018d55068619_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
ffe0130abc89dd399eea018d55068619_JaffaCakes118.pdf
-
Size
65KB
-
MD5
ffe0130abc89dd399eea018d55068619
-
SHA1
1f6ca1cde2bc4c430aae00a1cf4e684152f753ee
-
SHA256
b3e9f8bd3f53e63786a5871bc55fa4a9359d5d11764afb1fc15c71f6b43ca096
-
SHA512
6ba233ebb6f4145d18500409bf294fc49d15821512d65c689f1d66379d6457b503cda11857584f2f38ac26982e30c97df86705cf0959e4ed003ae83a8ee99f85
-
SSDEEP
1536:5Z2RO/oXbZXyUhEN3JdHOAxIy0bTByJMxwqJLT:QbcC8eAxH0fsCxwqF
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid process
1684 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
Processes: AcroRd32.exe
pid process
1684 AcroRd32.exe
1684 AcroRd32.exe
1684 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe0130abc89dd399eea018d55068619_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
b39caa53e02904aa89a5d584e822b983
SHA1
8d1370d33a3ab161cb56d157aa0f9b65d27dde14
SHA256
920b2e7b6934fe78221a7cb6f26540fc689853e43570ad3a18747d1e7dde4874
SHA512
f377c54a7d90a358ec0bfa67334304df40258baa4da8b52f50d375503e4a3643ca069f89a47039d04acdc63842a7f23e3f65af71f9b5bb9af9ae17c722d2f6b9