Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system -
submitted
21-04-2024 18:51
Behavioral task
behavioral1
Sample
fff031b3508535523a5c5fef0f0d9883_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fff031b3508535523a5c5fef0f0d9883_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
fff031b3508535523a5c5fef0f0d9883_JaffaCakes118.pdf
-
Size
91KB
-
MD5
fff031b3508535523a5c5fef0f0d9883
-
SHA1
e5f58353ee5b9bd43ae08a462abbd41c442a543a
-
SHA256
699beb9a377cc93e7b36757b16d038526d43703907bb67e73c244cfa5f18f9b4
-
SHA512
d54c4620453222e6a6321c96094d406e8501c7d04c5709692d5ea356903ab121455f23ebdb4d201a2524867e984662845c9ffac7a68a19a521d149ddd64302d1
-
SSDEEP
1536:fq7jMCf/yhwAxMQTOEwfNhgh/3j3af4TXLIXBHfHu6WXpO/EWimWu5tadkjwtvT:yUCf/yPxMQT5wbI3j3NLIRfHl/mmWASN
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2476 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2476 AcroRd32.exe
2476 AcroRd32.exe
2476 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fff031b3508535523a5c5fef0f0d9883_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
2896f41cf8faf2dc20648179c7535b7d
SHA1
ae42851b089aef548fd5f81e956fa7b5aaca9990
SHA256
1b887d90442d67b7a546fda0c03604323941e9119a6038add84c5f82191ac892
SHA512
598b96902bf499dc4afd59f0b404827e9644ee28555cf6389a3c98578af02c9125d0e2aa806dff5f43c19d96b3666ec54676c73d50e32eb1fd13665c67e99ffd