Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 21-04-2024 18:20
Behavioral task: behavioral1
- Sample: ffe1ab66aa1f5fc73b211aa12c2e59bb_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: ffe1ab66aa1f5fc73b211aa12c2e59bb_JaffaCakes118.pdf
- Resource: win10v2004-20240412-en
General
- Target: ffe1ab66aa1f5fc73b211aa12c2e59bb_JaffaCakes118.pdf
- Size: 73KB
- MD5: ffe1ab66aa1f5fc73b211aa12c2e59bb
- SHA1: e40adfe964eab739116733018e1cf94d65f2f9f7
- SHA256: 80496e0fbf389f19f0916b2ec3e989d0b29161ff0a3d9b430d1e55c74d34402e
- SHA512: aa5d5d22e6fa0cadc754b1e817379c849a6b56c40f5bef4c77ff663e295e0eba2f1c2a5ba498b1b4f3adb1d919003f51061ef841fac03ef7afc06aef3d1ee2fb
- SSDEEP: 1536:fc+mURI/bZnv5OL6oa5LWOpOwrl+fWWw6LtS6fBfjF31Q:EzUR0Nvu6oa5owrwfzzb8
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid   process
  2528  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid   process
  2528  AcroRd32.exe
  2528  AcroRd32.exe
  2528  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe1ab66aa1f5fc73b211aa12c2e59bb_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2528
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: f266c7147b3ac9d9ea0d43d5c73a6d6b
  SHA1: c42cf37c20bfd0017f015087b21859c33215b0ab
  SHA256: 5611495556c1634014eab704f3468873c5f4ae416fa2875dbea9b009e8d43725
  SHA512: 083bd3f500b8cab7dff255655d655346f5d3ce20c5c1fc0f613b5a20fe2069c8afbde8b5b5a3ade2e195860eba926e137000324af8ea5465a7d48b4d7a3f0115