Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
26-04-2024 08:16
Behavioral task
behavioral1
Sample
005a9f00140ecaadc3d215d4da50dbf7_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
005a9f00140ecaadc3d215d4da50dbf7_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
005a9f00140ecaadc3d215d4da50dbf7_JaffaCakes118.pdf
-
Size
39KB
-
MD5
005a9f00140ecaadc3d215d4da50dbf7
-
SHA1
2db4c6be6d41af2590ed7c92ae125271c4315717
-
SHA256
bcd7283b7fc14ae84ef75c9ed6ccc401baf8a90f6a61c43621b6fdacbe1619c5
-
SHA512
c6127ac0f4d174e2743eef14ac6c91b89ffc313d2565675e3110965d8b5fdd341ef1a658b7e72ddd78e16a0649bf266307b4712c1c82bf7998dba4d73b1f82c9
-
SSDEEP
768:PgGzpDzN0SOO2qhkRP5w8mVbxx+GsbT3T/RePhKP6tPFCpw0lGlup50hN732:4GFXN0q+HTrkPhft8pLlGlu4X2
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2004 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2004 AcroRd32.exe
2004 AcroRd32.exe
2004 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\005a9f00140ecaadc3d215d4da50dbf7_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
84e8a785afe6ad9e409a09b07d30ef42
SHA1
32012f6c4dd637782b7432cbe341550f81726599
SHA256
2d9fd349f397d3b11e641595431d850f01df950a5c3d955763e5de7fbcc57f9b
SHA512
eeb05865282ac4a4ae628040855fe90da94f67fc1b74be3d44eb157c5ae9ae621f9b0485380406c2182acca2c10270cca1c29dcdc387699ef5842a2225281e52