Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
21-04-2024 19:20
Behavioral task
behavioral1
Sample
fffc0ec0595b71407e64b7f8671d0493_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fffc0ec0595b71407e64b7f8671d0493_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
fffc0ec0595b71407e64b7f8671d0493_JaffaCakes118.pdf
-
Size
89KB
-
MD5
fffc0ec0595b71407e64b7f8671d0493
-
SHA1
e88388d372a9ac30c0728f664941ac3e09111e4d
-
SHA256
41c7d55bf4fa5908664693ed77daa0d695e46d66953cb8b21474ea000c57ef5a
-
SHA512
6b98e4c76d76786f7d16e047517d323886ef0fe52d3bcc6e4b761890e2abcb66473b2ad747f052a68f0c3e93356d517ce42be3eee7a43128bc4415bfca81ec0b
-
SSDEEP
1536:oMu/OudYW4cCGmCbbv3dxTLGJMP/tJJKPLjw1OxOmWypOlLtouVW15uZAOOgzC5:Nu/OR/cCGF/FBXXjJWLnoHlLFS5rg4
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1936 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
1936 AcroRd32.exe
1936 AcroRd32.exe
1936 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fffc0ec0595b71407e64b7f8671d0493_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1936
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 8f1315efa3e988a6fce64e6ea3b41f25
SHA1 93b796c763563918d1eb44e624ca1cbb8cb1c8c3
SHA256 37f6a545fe83770c0b4b2678539ddb1ee17d8a5b8368f7651270c84b2026aa3b
SHA512 cde7c9b7c5bdf99e373863f5407c470223d14861d2cbe554aada51e864e762903b32f8beb87c0dcfcea2e9b6407ae4cdde80723e351f1f09d4068c198f34405d