Analysis
-
max time kernel
120s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system -
submitted
22-05-2024 03:17
Behavioral task
behavioral1
Sample
65d31738150a1e6b2a65720508b84411_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
65d31738150a1e6b2a65720508b84411_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
65d31738150a1e6b2a65720508b84411_JaffaCakes118.pdf
-
Size
43KB
-
MD5
65d31738150a1e6b2a65720508b84411
-
SHA1
2905e90782ca171272fb9426782c5d7c0af247bc
-
SHA256
b1a51a73b95378864c9e6dcb870f609a4590ade357b557ae35a5b49a7ab1d42a
-
SHA512
e87e643f0ee4c9d3a960d6f06d944106eab77c3022c3e8837c8e9937ddfe6b73100f8365835237eecd7625fbd01313659ea9267ac7061b7c2802b92df8c5cc7e
-
SSDEEP
768:EgGzpDfpczY3PTXTHgTLio52+CNvIpla+b7zQmR1whpO0NEDDNW25JFo321Ilhu9:xGF7pohCcvky06vNvNCuC8
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2364 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exe
pid process
2364 AcroRd32.exe
2364 AcroRd32.exe
2364 AcroRd32.exe
2364 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\65d31738150a1e6b2a65720508b84411_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
10262bc6aeba6d814b143c06008958c8
SHA1
a291bfa9382e98cffa9233eafe245115b9f4220f
SHA256
1c1b094232d8eed2f33062d949529908443efa2580824c861c00c0f326e106fd
SHA512
eaf4f91c955cc1e3eb17359f37ac855f8446d6a2e96976998dc3efadabd6ac34a9fb554f86eab84e02752e9bc15745c8ef4d66e9f7247913791ebf49f56ec889