Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
22-05-2024 03:47
Behavioral task
behavioral1
Sample
65e654051d52b40a2b23895b1235c664_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
65e654051d52b40a2b23895b1235c664_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
65e654051d52b40a2b23895b1235c664_JaffaCakes118.pdf
-
Size
42KB
-
MD5
65e654051d52b40a2b23895b1235c664
-
SHA1
ff6a74a7db31956bff3472cbf252997e4a85e196
-
SHA256
7b9884eb70a5fb19577b4e89a7ec798d20b8da6428492564acb3dfb2401aa7fa
-
SHA512
851409c23dcf09f41599ce16efd79a5a3ee6f404cbdb09432cbd9df1d830b8e326d6dc4d6a3f2ad8d1aa61614b3dd44b20a5957390500fb9f47a3b9769800d5f
-
SSDEEP
768:RR6qvHDz+HxplZoDIxyYi0IHaamiNFTJA5lykBjImtu+DQEalFV2qJwbA16/CLeV:RwjHxpksxzJHamMa5IkWmtu+DQEalFVK
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 1608 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 1608 AcroRd32.exe 1608 AcroRd32.exe 1608 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\65e654051d52b40a2b23895b1235c664_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD5e4087846297b569c03611cb4d8bc48bb
SHA1af785c03cba5bf113ef7a9f02725a1753545429c
SHA256a6e39e9f49fdee040c6b69f89af6350b493d548ac3876d4c3c4c76263cb0b6ce
SHA512f21eff335c7033d225af2fc3343137a16711e66027f5f1285c6202b713aded2203c61cb033432db52eb9ae6c05292ae816c5832742a100866956f54d6ea2456b