Analysis
max time kernel: 119s
max time network: 122s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 26-04-2024 09:22
Behavioral task: behavioral1
Sample: 0076ad4b3ea38abd6ac571d153087e3b_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 0076ad4b3ea38abd6ac571d153087e3b_JaffaCakes118.pdf
Resource: win10v2004-20240226-en
General
Target: 0076ad4b3ea38abd6ac571d153087e3b_JaffaCakes118.pdf
Size: 54KB
MD5: 0076ad4b3ea38abd6ac571d153087e3b
SHA1: 2e2126309a4ec956fb9063369bb73766902abfbe
SHA256: 1dc3d831aed5ed4149f8d42f01002e5e6c07e21a60146248f90dc23126413d68
SHA512: ccaa413836a6dca90a934389590fc0c45bd96509b4e732d2a9b8f4587f8a556bfcae623f96eafcc7f97533b6e877d6022c194b2fc4a9f51be680b7f5cfa3342d
SSDEEP: 768:NgGzpDyBVksi8ZxQQjbqWfSsx8bqjFx6kqfPtwpj+K8TTUT4Isi+qW4touU15161:uGFmfQQjzfGOkP5w+p4tbUvUlWfJer
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid   process
2872  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes: AcroRd32.exe
pid   process
2872  AcroRd32.exe
2872  AcroRd32.exe
2872  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0076ad4b3ea38abd6ac571d153087e3b_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2872
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize: 3KB
MD5: ae5a9f1f53d30d2dcaadf82145055994
SHA1: a93ecd0f96ae70c329c2d18c611742df39201083
SHA256: 6557906963d1da59c0fd066b4f471e3f0dcbc4cf2b3598638f618870a02a6d2d
SHA512: 181e414cffaa22279a26fdab4ac5726d4160ce22d348613896f26ea7b8d9ba2c80514b230856b703b0f2ed0b1228617aa49eb83e21ee40e3b032170cf25228bd