Analysis
- max time kernel: 117s
- max time network: 121s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 22-05-2024 01:49
Behavioral task: behavioral1
- Sample: 65954e9886830723f9202633fe2cb746_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 65954e9886830723f9202633fe2cb746_JaffaCakes118.pdf
- Resource: win10v2004-20240508-en
General
- Target: 65954e9886830723f9202633fe2cb746_JaffaCakes118.pdf
- Size: 40KB
- MD5: 65954e9886830723f9202633fe2cb746
- SHA1: f65cdc5a626525e8587662b391b7431a0ecb84f5
- SHA256: 120f6862f4ed0aed90775c1fd7e3f5210f9ddf597148efa65759b889fb0aa201
- SHA512: 9bc449cb8110c6f5ccecb989989cfccf8bae1e21753d5097ef67b57661bd1938cedb010bdb7262d80f4b7da7ff69d84f9b163f9ef8a4e44fc0858cef5d72d09d
- SSDEEP: 768:fgGzpDKpfOB/x+Yt1SaErQc/OK72XPGCxeyGvD/Inr1z+FTAZ0PG:oGFWpf9amOKtSELmCo0PG
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  - pid 3024, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  - pid 3024, process AcroRd32.exe
  - pid 3024, process AcroRd32.exe
  - pid 3024, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\65954e9886830723f9202633fe2cb746_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  - Filesize: 3KB
  - MD5: 101f09e96b2ddc5cacf852ae98b7133b
  - SHA1: e39c834a168fd2e0b4acd0b02e629389f58cd2c0
  - SHA256: 34b6198ca81a150eaf87c0b90df9c7bf6471fdfe7bc5186836690acbbf26c240
  - SHA512: 50f97a8dd14575e17ac9e2ac3ffa23aec1e07016b5effa4a954941d3095a9c5fd979891bd75d479f39bc80c6beabb94e27588921ec2bd9ceabf6f0c39d38c32f