Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
26-04-2024 09:03
Behavioral task
behavioral1
Sample
006e02dcd6d39fa8103c892dfcc8dd6e_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
006e02dcd6d39fa8103c892dfcc8dd6e_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
006e02dcd6d39fa8103c892dfcc8dd6e_JaffaCakes118.pdf
-
Size
43KB
-
MD5
006e02dcd6d39fa8103c892dfcc8dd6e
-
SHA1
a1fb1d777be79b1468b02ea6657ce7904d5290f8
-
SHA256
e5dbc111c12a5b8889ce433fdb4d8fa25dae9bf727c976b596ff15fd0c896a5a
-
SHA512
6b40bd48e3826ad979460e8f8356e925a9c925ea7e454d2436dce7f6a6788c7de209e9cb1a4ea5093ba09d7c653d9f5b82936bb310f55c5d3d22788e773d63e8
-
SSDEEP
768:/XuMZmwgCLWarwE5HpxS7hJpwrzSX6Gwa1YtIwu3ZBCftHPGs6qtfdBSatCd:/XFZmGWSZjS7hJpwrzSX6GF1w7Q0fBPg
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2204 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 2204 AcroRd32.exe 2204 AcroRd32.exe 2204 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\006e02dcd6d39fa8103c892dfcc8dd6e_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD5a2b42ef6a5c9ff24397384e313bb68d4
SHA1e4df1020863f1774b9c7edfd5dd4529a304932d7
SHA256e2d936fa12f2fbf235080602c98282ffc28dde05a89611e849b7130b9497f8a8
SHA512cd90feeeca53ce8d5ad3c19ecfa51535f97473eb157c305086839edf59271f601e93c4d071f41f28297b0393db7a157855585170c327d006193d1aab81ac012d