Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
26-04-2024 11:50
Behavioral task
behavioral1
Sample
00b354ebee851362f7e534921fab6046_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
00b354ebee851362f7e534921fab6046_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
General
-
Target
00b354ebee851362f7e534921fab6046_JaffaCakes118.pdf
-
Size
62KB
-
MD5
00b354ebee851362f7e534921fab6046
-
SHA1
260999c41ff2ca5b5463ecd30e5463d11bb046e4
-
SHA256
afaac5c8087b7fa29f68e0ba4f7c33ba9c3d5005af38460e76b0fba16139f1a4
-
SHA512
1d22fc4211e5b4fb7f06e75c5d0722be21295874fd36d22f0e12d213a7865fb2aadd07be7aa671964017d9eaf5965176ef2f4a56d1e492ca0c85cf0c8a17d1a8
-
SSDEEP
1536:RXFZmGWSYbAJuyDyVr/j5pOKU0XjmBYCgsR2ImEV+lke18qqeTP0:BysY084M/jWKrSYCZ7+lke1eeo
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 3012 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 3012 AcroRd32.exe 3012 AcroRd32.exe 3012 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00b354ebee851362f7e534921fab6046_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD5285e132d89c52cfb2cdc2c9d19652875
SHA15f010f21df3a94d674e78a3d39f572087ad52be6
SHA2565c3fdfb9a6f8ffa5140a63a48999a0a2e4a1ee11a3616d346395afd48d07f42c
SHA512da7211ab9b0730c54eb368751b3caf1fadc9c09f9f9ac68af8da6362965bf4b3afee0e5e389c97f3fc385a9b29a461fb338e917a766af28053b33f4ca9d38d0b