Analysis
-
max time kernel
119s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
21-04-2024 19:16
Behavioral task
behavioral1
Sample
fffacc94f8c3a40c11aca24155e348c7_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fffacc94f8c3a40c11aca24155e348c7_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
fffacc94f8c3a40c11aca24155e348c7_JaffaCakes118.pdf
-
Size
80KB
-
MD5
fffacc94f8c3a40c11aca24155e348c7
-
SHA1
2dcb91b7e4a17d79654619a769e76f27d6c86433
-
SHA256
d3d75b42a44a3e1761a8b8cdd06f622cebac26570774d229ec3e3a611ab842bb
-
SHA512
01d2d8d78fc50a6f8e6025a6fa4f5f0e71e95755ad2aa121fed767791b6b41dcf532f49456604f7ff0277c6096e1232f77f04283890aadd5e9dadbcc554e283c
-
SSDEEP
1536:4P6mmz50jwH6xjvvRkKxW6z0o72L6DxvJO8IONhWHu+8fc62fCW8pO+QdM:sZi50jwijvKfUZ72WDO8xp+8fc62ft+5
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2304 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2304 AcroRd32.exe
2304 AcroRd32.exe
2304 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fffacc94f8c3a40c11aca24155e348c7_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
f99e0d8d24213e992b7278e3898e5cbb
SHA1
17f9cf4c873b6f46f4ebc3957c3385d7e1de117d
SHA256
6a2f2d63e7f0123acf6d699c40ef6da3f96baf36aa9b07d29ad81887c227c7b2
SHA512
b416d669abb8f89963c2ecc62833959f8f1a6ccfaafd42ef951df4d83e6e1d828ac5f6b139639e285e615e2420a7cabd8baed3cb9d4606f91194a97aa069b24c