Analysis
- max time kernel: 118s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240419-en
- resource tags: arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
- submitted: 21-05-2024 14:25
Behavioral task: behavioral1
- Sample: 639b579a9747c9dc2afea6c6cf9ea151_JaffaCakes118.pdf
- Resource: win7-20240419-en
Behavioral task: behavioral2
- Sample: 639b579a9747c9dc2afea6c6cf9ea151_JaffaCakes118.pdf
- Resource: win10v2004-20240508-en
General
- Target: 639b579a9747c9dc2afea6c6cf9ea151_JaffaCakes118.pdf
- Size: 48KB
- MD5: 639b579a9747c9dc2afea6c6cf9ea151
- SHA1: 942fa3e662f1b11cd912957f0a21a7629ac20985
- SHA256: 15d654aeca1d755e986f65be4d0ddc4991f795fba1d423b8dbfe8d56041b372e
- SHA512: 5b5ee0d81d64dac98f61b49b1fc774e1029e4107f69875adc03cde775a750657c3a78ed137b8130db3088a35de823319842d1c35f935f52b3ddd950bf4a7ea11
- SSDEEP: 768:IJiQGzPXour39Xs6nffwgJZtOAa7pXovvzeX1AbXfITHfecvZaxKzo1GzZF8vnwr:CJGzPXR3CEAmjHzyAwGqZaxgShTVry
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes:
  - pid 940, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes:
  - pid 940, process AcroRd32.exe
  - pid 940, process AcroRd32.exe
  - pid 940, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\639b579a9747c9dc2afea6c6cf9ea151_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  - Filesize: 3KB
  - MD5: cfa6aea83d6ec7d0014921a3d756b2a6
  - SHA1: fc1e00ee31b666ee3024e059dd92e1c0eb466def
  - SHA256: de87ca7c7850ad025fce808abbba3f2abfd3b6619e075ceb83fba7f117dfab30
  - SHA512: 127a689b1bcfd7fe8cbf8fef5af4ff5365d68c2d793290ddfb65dd5e314ef23f8c9c559ecf59f33cc82101c8db857743eeb1193f484428a7009914ff3f76c18c