Analysis
max time kernel
117s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
26-04-2024 06:40
Behavioral task
behavioral1
Sample
0034c74694ae24cfbb9f5c8607213e62_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0034c74694ae24cfbb9f5c8607213e62_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
0034c74694ae24cfbb9f5c8607213e62_JaffaCakes118.pdf
-
Size
38KB
-
MD5
0034c74694ae24cfbb9f5c8607213e62
-
SHA1
437772318e5a72d0e2cf2d25f47b0ad19523fb46
-
SHA256
7489fd36bdf9971d10ca2f552184903058b41b03c90d0f38add2df47eb29c0e0
-
SHA512
52ebce5c8d16e1efc1cf2e87cd6d583824f9f4985377cc19c7629a362ec7b212e4c3679f2e17841a2c2e567907d455108223af6faf089843a24956412f6a94cd
-
SSDEEP
768:CXuMZmwgCLWarfE5HpxJyj5+C4mvuNU7+3s1bcB15C8uU:CXFZmGWS4jJyj514fUy3se15C8uU
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1548 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
1548 AcroRd32.exe
1548 AcroRd32.exe
1548 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0034c74694ae24cfbb9f5c8607213e62_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1548
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
78a140d74fe5c5211434b0abdf8d6d3d
SHA1
d4273af2949f85eb39a6836e8ade4e5b3d1ed2b2
SHA256
26967b009ee5dae71532b09b914923f4a048cf00107031edd86f0ecefcefb2fc
SHA512
04dd3c80e0b65a35ad5f6ecbe44c13c7caeea4363161e0c96b8234858d31c58197b3b49e2d01546a625cd7b67e2ff92924af50c2c73e1e82370b8782d20c38f5