Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
26-04-2024 10:53
Behavioral task
behavioral1
Sample
009a42f882030957544e09946b87f30e_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
009a42f882030957544e09946b87f30e_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
009a42f882030957544e09946b87f30e_JaffaCakes118.pdf
-
Size
72KB
-
MD5
009a42f882030957544e09946b87f30e
-
SHA1
700d071e716e5c9350ca31238cd9e2dd56a5a9d4
-
SHA256
bb3438d5bb717e1bbda3eb137c714c513e69d6cc184bf4b005037467c907779d
-
SHA512
389c3e89af6d053fb2a06142b666c0db299b1f0c5da85adf2c7d183c5d32c66c4f300f1b691cca1ef3c4ed1fdaee112ec6f77d9c3135e7ad5651379ccba5837d
-
SSDEEP
1536:5GFQmRH4Bb/mpAhK20iiTw8hDWq5vCh6xMlWlKP62ToWCoGI:MFQmRH4Bb/c20DTw8kW+XwqqWt
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2096 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2096 AcroRd32.exe
2096 AcroRd32.exe
2096 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\009a42f882030957544e09946b87f30e_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
346e5967b7bd2966401f205a4a0454c3
SHA1
a2eadceaca0e0a746b630782ee08e46ecf7bda5f
SHA256
a1be33721553274db9bdf073053fd3fad0c1274dc55db08e4818d56977fd04c5
SHA512
1142d03a19fc010b5238f676c394d40c3d35df9a2f3f6375cfbb0f1fc13e3966219aef1fe6151f1a9d36833e21dc47fd71763aae4d79c96e4b99f7329b633ce4