Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
26-04-2024 06:41
Behavioral task
behavioral1
Sample
0035679924d5d5f2f904ad275ec80927_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0035679924d5d5f2f904ad275ec80927_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
0035679924d5d5f2f904ad275ec80927_JaffaCakes118.pdf
-
Size
40KB
-
MD5
0035679924d5d5f2f904ad275ec80927
-
SHA1
2f04cc8f721cd31b6f69167cf500c123b9fa4c57
-
SHA256
eec8ea95cedf8aacac3aa6a658211f57981121ea67dda82d3cb23d735fbe9a27
-
SHA512
c668bf13e52df088d1ebe362055f3f8c6b05b9ed179d44481c7fdac561a1b87dd263273a6b2809ac6ffcbc99e401dea4e3f21279f8a49ebc3be3644a50b2a91a
-
SSDEEP
768:dgGzpDPXqmuORLlmknBIF7wWqtJTPRBMYpTbv1zNAazcOceSNMbYbYCgUYR1Ou4c:eGFzPrBMYpTbv5NAqzceSN1YZDR1Ou4c
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid: 2980, process: AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes: AcroRd32.exe
pid: 2980, process: AcroRd32.exe
pid: 2980, process: AcroRd32.exe
pid: 2980, process: AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0035679924d5d5f2f904ad275ec80927_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
bd39fd50c93da5eaa1267644f645858d
SHA1
c2a64bc03fa2bf5853ebcd01b1e0662cf9031b9d
SHA256
22bcd237e65cf6f37e21a4341de530b6957c8e6672b8903ee813ddd4aabcb907
SHA512
bb068bf4c462d0039f520be75b5d220e066446c9d5d53469876af0a7aea62d22a12cd985149dc5a7d112647c57e43b7c0a975a9d96df3df4ffa87c90a46fbfd0