Analysis
- max time kernel: 119s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 26-04-2024 09:57
Behavioral task
behavioral1
Sample
00839c0aa3a457f8f1e136fb8dac34d6_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
00839c0aa3a457f8f1e136fb8dac34d6_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
- Target: 00839c0aa3a457f8f1e136fb8dac34d6_JaffaCakes118.pdf
- Size: 40KB
- MD5: 00839c0aa3a457f8f1e136fb8dac34d6
- SHA1: 65e2c5bac4bca945a98d4a6ab4cbf6e0092326c6
- SHA256: 52eb17a938d461c95a947df2542d82206145e7e28754d881cd1d97e9cbaced15
- SHA512: db577ecbed1f27a11b2e32fe4d45904602873aafc959a2a622ba10a3006ce59982c1001b2542f00b092c5f5507740da9e347ecc3846084f3b0ebc948b431d602
- SSDEEP: 768:jTHCDIWinsWTxDHPqV+Gfm4F+JlgwGmP9edIphj1BwlTxE5tXuMZmwgCLWarLL:jT8isWTZHPqV+GfmzGQcIpnylTSXFZmg
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid 2820, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid 2820, process AcroRd32.exe
  pid 2820, process AcroRd32.exe
  pid 2820, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00839c0aa3a457f8f1e136fb8dac34d6_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: c20b225f097d1c6ee2d993b44b4252df
  SHA1: a47ab160fc35fd3e2651abb05fa0fa3db710a085
  SHA256: 5f9406939afb889875767f6e08426d81ddf8a83828ae0c58928df369b40724ea
  SHA512: f0cc7e67a007a6776b81cabc732ceb28bac080286a4abf582d503b6a37517812d1450ed65b525c98cdd929dcf0a07772b18cb5292737c47efe2b7759e4594c88