Analysis
-
max time kernel
122s
-
max time network
123s
-
platform
windows7_x64
-
resource
win7-20240221-en
-
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
-
submitted
26-04-2024 11:28
Behavioral task
behavioral1
Sample
00aa5470569f952331c3fe9074176fea_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
00aa5470569f952331c3fe9074176fea_JaffaCakes118.pdf
Resource
win10v2004-20240419-en
General
-
Target
00aa5470569f952331c3fe9074176fea_JaffaCakes118.pdf
-
Size
12KB
-
MD5
00aa5470569f952331c3fe9074176fea
-
SHA1
12b47543e4e76248c8bce421ab72eecd1e18d470
-
SHA256
b24d9186d18efa9a2b59abd63ca14443d7355134022a5c7cdfcd227da4b974ef
-
SHA512
2529aac09b2b1d90d36958806a2aa3d406e489c57a0c600ef35e22a2d1da8eb6149a713e042bbf2564040cce1da486ea02b4c98a94c6cb5a7e9192622355dd2a
-
SSDEEP
384:Vzsnj1v9024aI5aUMNsWnlAz+ZMFMtb5TnuRdAyNgLx+elYbQ/V6sk:VzsnRv90275U0blAz+ZMFStAdAyNox+J
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam
1 IoCs
Processes:
AcroRd32.exe
pid process
996 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx
4 IoCs
Processes:
AcroRd32.exe
pid process
996 AcroRd32.exe
996 AcroRd32.exe
996 AcroRd32.exe
996 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00aa5470569f952331c3fe9074176fea_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
faa3a275adef8126eebe93c574e23737
SHA1
6f104c434d227fc871799a619500919faa556d39
SHA256
b1f0628498a05b4f42a4ed261768642c7b71259ca88216aef8014a3299aa0280
SHA512
2d9e93abd18e6ce5bd5293cba1d7624877a8ef88d6a9af70ca92425de9d641c2e2646e1684f788f5de00f4ef1b2b4f63f142fb9fd0f6d4af205bf23d96f449da