Analysis
max time kernel: 117s
max time network: 122s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 26-04-2024 09:11
Behavioral task
behavioral1
Sample
0071bd4874817cc29179f127dc0913f7_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0071bd4874817cc29179f127dc0913f7_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
Target: 0071bd4874817cc29179f127dc0913f7_JaffaCakes118.pdf
Size: 51KB
MD5: 0071bd4874817cc29179f127dc0913f7
SHA1: 80bc54a893fa2774c792985c83bbb4e7f18e64b3
SHA256: 610b8e2025ad9ff724840cdaaf368784731e0ab5d8a60575232a33f946d84788
SHA512: 9189691613b57653bc72dfa0f1342bb688a14d5fc6d28e9c9e079072095c410fbe6a3645154240b2823a73985ae50e923be74c302057aef5d4aa214a8daa0df1
SSDEEP: 1536:LGFOpMzCPDxgPFiqaPTOJI5NcEETQVu2hFo+mDXRJ:qFOpT29T7TQhI
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid 2772, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid 2772, process AcroRd32.exe
  pid 2772, process AcroRd32.exe
  pid 2772, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0071bd4874817cc29179f127dc0913f7_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2772
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: b91a659dd50418695096257c6b8f5cfb
  SHA1: 7a31c7c4d19abdf841675c026c06a881f110860f
  SHA256: cb200ef025dd4a8ea109b503b31e3169c64904ce4c604837578153bd960a5446
  SHA512: cbb10631a039428b7907f3297ec16101c4065c7c7081a488e76102e18268700c5050e115d9bbc14566f420484e49b497e84a6e0ac20bc0f785c5f8fdd07545b0