Analysis
max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
21-05-2024 16:13
Behavioral task
behavioral1
Sample
63eab64c7624687d95ff809b74101a9e_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
63eab64c7624687d95ff809b74101a9e_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
63eab64c7624687d95ff809b74101a9e_JaffaCakes118.pdf
-
Size
42KB
-
MD5
63eab64c7624687d95ff809b74101a9e
-
SHA1
ad4a3a51a741f0bf5a85b32bce747e3090ae7497
-
SHA256
1f110f334312436ddd2c79269a01242abd28ea3a71ac9c3ba732837017b718fd
-
SHA512
800f4579a3d205b02464fc68eb2710d842a7c27f26c7f4ddd816919cde8e8cbfdd3ded28bdeb25a778d1fd1974ac361c49f3f6532a2d1cb95d7642dd0146a3a3
-
SSDEEP
768:e5gGzpDpA2PkBCzE9gn/wTcllBL2w6ntZi68CK8AIr8qgSgJszGeYweA:hGFlA24ZuClDVgSMsmweA
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes: AcroRd32.exe
pid process
2100 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
Processes: AcroRd32.exe
pid process
2100 AcroRd32.exe
2100 AcroRd32.exe
2100 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\63eab64c7624687d95ff809b74101a9e_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
894d1198cb9ccbcf629d42b5a1b3e3ec
SHA1
fea8679a321ee7106114185e811673d247bdf041
SHA256
53e91ae0ea42029ec99fc02284a8cee63f9bc44876bf06bd36c09769c16eab35
SHA512
be078dd6f9437053f2275a8d1cfc955b591e2c03320d2085d82b2a66ae41fb053e7721ba169b4a5639c55b08068c55633d51eb67d53142ae3f265800154dab24