Analysis
max time kernel
121s
max time network
121s
platform
windows7_x64
resource
win7-20240419-en
resource tags
arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
submitted
22-05-2024 03:23
Behavioral task
behavioral1
Sample
65d7010d1a86462a9cb3e3a60f116035_JaffaCakes118.pdf
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
65d7010d1a86462a9cb3e3a60f116035_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
Target
65d7010d1a86462a9cb3e3a60f116035_JaffaCakes118.pdf
Size
40KB
MD5
65d7010d1a86462a9cb3e3a60f116035
SHA1
6f7e94c40dd80f8783f3274802c8113840a5b99b
SHA256
8aa277cb756e22d3f3a3a1be1ec7de538399aac110575de62957259b1d6aa3f1
SHA512
b41352670467c23a512d33c1a35db695ebc9820161d7575907c587f9edb92fe68d3fa1bfc95fb4335ac24d68ee2483f30d70e7c639969ab9bb1d390c9e2d9e92
SSDEEP
768:Y7qdtp/1gP6VGvYTvkFuHyElWSSY+vpgZTQanIG+5E5/XuMZmwgCLWar2Q:YiJ1gP6V6WcBElWSQvpgGaIG+oXFZmG9
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes:
AcroRd32.exe
pid process
2904 AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes:
AcroRd32.exe
pid process
2904 AcroRd32.exe
2904 AcroRd32.exe
2904 AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\65d7010d1a86462a9cb3e3a60f116035_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
29c33b31e1f638eba4be1263e4f9caa5
SHA1
cf5f352cdd0e546cdf9d12291d61ef4ccd097ee1
SHA256
a23cf7f9984cc63c5577a086a0f248c0c8590316f3440253070762427f13ee69
SHA512
c12020b1fcf5ae23a1cea5bdd8fe52b89f988ac46a8d6e456a42c1f5fac2252db504bc462f542658d9d8f6c865e26e552f24d3e3275c3825cb9459a9c3a30d88