Analysis
- max time kernel: 120s
- max time network: 124s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 26-04-2024 12:00
Behavioral task: behavioral1
- Sample: 00b858207098febe031874f834d5cc64_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 00b858207098febe031874f834d5cc64_JaffaCakes118.pdf
- Resource: win10v2004-20240419-en
General
- Target: 00b858207098febe031874f834d5cc64_JaffaCakes118.pdf
- Size: 40KB
- MD5: 00b858207098febe031874f834d5cc64
- SHA1: a296dca095fbab20af14e5e9c50618572b8c2029
- SHA256: 4d4ef9ae7249a85d1b67aaa0bc84f8af676c6b2bfa6494d22fea43be4a652a01
- SHA512: 2821ffd0ef8f731c9cde8199a7cffb8fc9ad2ea52148601d7f33b5c32e8e973ae56a1301d28d5e663cf3cad54240c38dfc1e32ddc9a1c396f7c46568dff88473
- SSDEEP: 768:4gGzpD5pRK9s0sQjkkTl5uhImSjuQuJm/3px+29pG3LE0q1g0e0WG6iIaRy3O8J:VGFFpRcuhSjHfJKxq1nHWFTO8J
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid 1712, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid 1712, process AcroRd32.exe
  pid 1712, process AcroRd32.exe
  pid 1712, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00b858207098febe031874f834d5cc64_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: 75c6a481b8785e42d16de9df1f4b2628
  SHA1: 7b4bcec1d4c495c079a968d3c3b79b48ce18afae
  SHA256: 063954d3bfd9454949a4172456e6d42d32e72de50045dc124526e398a20cd7d1
  SHA512: c407c0e81cdeb87874b65cfb43af7e0152ecd6c28e6307647990983791e934ae29a10abbee9e80ee3bb3751fbc56fa52045f4611299bd422a7debd1e3cf5267b