Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 25-04-2024 21:57
Behavioral task
behavioral1
Sample
00295b61411a644d3fe1016f6aa007df_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
00295b61411a644d3fe1016f6aa007df_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
Target: 00295b61411a644d3fe1016f6aa007df_JaffaCakes118.pdf
Size: 51KB
MD5: 00295b61411a644d3fe1016f6aa007df
SHA1: 17513009e8795b8904d4f85a09df1d292594ec1e
SHA256: 1b6b9dd585e273edfc51d30b9a0c0a9ccb4c13ac2e79ee53bff86b58e84b4f90
SHA512: 1e98a7a5c83006f9d516647921e9b48737750283b3aac34931cc3a9b7049437bd7ff34e8d02070d5ed5317389ec332dc9612e75b69aee1b1d0bda39f5769e249
SSDEEP: 768:zgGzpDbD2pxjyXJMPVicCID8kEAsEySV1lSdBFaqawMK9r1Xoa0loAwnYIJtmAXn:MGFHDe8vEySVXCdzxt3WoAwPEAXMSR
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid process
2184 AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes: AcroRd32.exe
pid process
2184 AcroRd32.exe
2184 AcroRd32.exe
2184 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00295b61411a644d3fe1016f6aa007df_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2184
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize: 3KB
MD5: 28b8323337538c510d9aba51fe322300
SHA1: 56aa1a21914d2df9afdd94b9aeb607409dab4922
SHA256: 572b483c35d96cff767ea6d1e96f62663071a1686bf1f5b447c8eacafabdcd90
SHA512: f50a04d17c2087c975a554e244b90987a378e035e91f57dc07dbbb09f089c9390b4ba17693e7f02e81c3394800d50306f0e2b3b726ce86d5aff4a44772dfd783