Analysis
- max time kernel: 118s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 20-05-2024 22:49
Behavioral task: behavioral1
- Sample: 61314a26377b4d528e4fbf761d69fc1d_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 61314a26377b4d528e4fbf761d69fc1d_JaffaCakes118.pdf
- Resource: win10v2004-20240508-en
General
- Target: 61314a26377b4d528e4fbf761d69fc1d_JaffaCakes118.pdf
- Size: 40KB
- MD5: 61314a26377b4d528e4fbf761d69fc1d
- SHA1: 000736ec69cd6eebef7bfaa3b4e690cba7266bce
- SHA256: fad2efece5d9397f8ba4230c26913d26da8015575eba50e393bb2d0237c0b43f
- SHA512: 48c17e497191a959f714dc2b2b30a0e8411b1330fc7f0b0b93aa9bda7c13046b8ea47a36a79c4e3f5199f24176d3ecd43396d77fad92bfa1fd9894a30d9b5823
- SSDEEP: 768:OgGzpDMpvWiUK02jNd8XKUiKmUt+cFgVqUCj4tF+p/oHwpLYquekwabnyHJz3C:rGFwpvvZcGgFEF+SHwmpwHJz3C
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid 2508, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid 2508, process AcroRd32.exe
  pid 2508, process AcroRd32.exe
  pid 2508, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\61314a26377b4d528e4fbf761d69fc1d_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
- Filesize: 3KB
- MD5: 045623e9ff1a303131ea290a6faefbe6
- SHA1: 6ab298b19a7ac3aaf963367b9aebbfda431c43fb
- SHA256: 62ac5ebcdb6cbbcbc5dac528bfc2d94979fcfb0fe23878cfe849e9f6860733c2
- SHA512: b278d3d05fa3804c762326391584f2f5e249e1e24bd90644442f7f6f59fe4637b9379b8a3f668267b7aef6a6125833bcaa5ed4f757fa24f61234e41f10f36bf1