Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system -
submitted
26-04-2024 13:23
Behavioral task
behavioral1
Sample
00dd97c3431e2b75691b8d2c1ebf20fa_JaffaCakes118.pdf
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
00dd97c3431e2b75691b8d2c1ebf20fa_JaffaCakes118.pdf
Resource
win10v2004-20240419-en
General
-
Target
00dd97c3431e2b75691b8d2c1ebf20fa_JaffaCakes118.pdf
-
Size
572KB
-
MD5
00dd97c3431e2b75691b8d2c1ebf20fa
-
SHA1
0eaa738bd9f94bc776a28530d0fb86f358ae7cfb
-
SHA256
f520ea7d9749d7ca5a291cb8e6ad521ab1289e0099260827784ed751596e1b04
-
SHA512
9ae85df77bf538c0ebae3136e3da2b8d3a0c26fc440b46a7a8e4a47d8a0e49f893273dc9a764ff55ce6d2d14448cfc63201d43a932516860f5ad0761bf201357
-
SSDEEP
12288:BAP+YYsdoHMPT0PMfB6aa8Y64NbQv8Tcv6wZFCptfI77ggNqgpK0hT:BAP+YYsPwwMaa8YnevYwZFCpSHggNqgL
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid 2900: AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid 2900: AcroRd32.exe
pid 2900: AcroRd32.exe
pid 2900: AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00dd97c3431e2b75691b8d2c1ebf20fa_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
e2da0e1e1e503f20f34e560aed6e0e09
SHA1
fcdef8171ad5e58e45e27a29b30a19a565c65f6a
SHA256
874caa2dbc192f6a5a0740f609f24b5855f885aaac49f2931327af3a1eec6026
SHA512
d9af80cb9a01676278334a1098bc94d2f8cf9bace3a7a1e022280efbc1279768b5806fdfc60f8a89923c5426bcec9dded68983762cbe28e2588ddf47b27db7f5