Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
21-04-2024 18:21
Behavioral task
behavioral1
Sample
ffe1f763add4e95516884aaf691df646_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
ffe1f763add4e95516884aaf691df646_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
ffe1f763add4e95516884aaf691df646_JaffaCakes118.pdf
-
Size
75KB
-
MD5
ffe1f763add4e95516884aaf691df646
-
SHA1
6fafd773a9840518828ad96cf3a33c6e33b42e0c
-
SHA256
f358febfc80385f511e8b75853b2c5a9348b12db6ae6b249f1359ca85930b76f
-
SHA512
09570b4a356d977c21720bbc23c851efc065b2b6c126b5eb9fe5941a826488ede175b9f9653d041f61ce3152869cf0f0b835c6b725e541abf3274c0fa25b31c5
-
SSDEEP
1536:6irK8LCX1oingqlk9IAi/gflO/1cOh7tWidbfTkmIW8pO7YQn:BXCF3nm9cgflOec7/jgmz7v
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2912 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2912 AcroRd32.exe
2912 AcroRd32.exe
2912 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ffe1f763add4e95516884aaf691df646_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2912
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
25a8e38edd5e61107524dd8b6f0e950d
SHA1
e0a3745ddb3ac8390f97214bc76b43c0b779b88e
SHA256
8304f103898a185061ac3a3f3cfd21b7f1734a5721859fac0bf5ec19b86b0548
SHA512
d22138ef3743be12e945edca60c258d703f1050e172e2272fe87ddf99d3a902294de96faeb98ee9683074fd04348f4d1285ab02401167a110ee953b8c40424b4