Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 22-05-2024 18:51
Behavioral task
behavioral1
Sample
68436d79a85b35a018f7b34399315777_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
68436d79a85b35a018f7b34399315777_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
- Target: 68436d79a85b35a018f7b34399315777_JaffaCakes118.pdf
- Size: 48KB
- MD5: 68436d79a85b35a018f7b34399315777
- SHA1: 42873b943f4190cca7ee963a157956c19322dc37
- SHA256: d2f0e1e5cdbd4d06ba566ee27df2e83de5802c02f7abf48072e022a8dfa68c84
- SHA512: b296dd62358f376ebe55468ee47890d8a991ac964c278d30f5ff7ce514483f43c786c7e04d9a0e726dae6a3cd611c69464ce1bd802064e91de3b04dd89dbd115
- SSDEEP: 1536:TGF6pP3JVi9US0gXyVEpqResHzADvs8kAIVAQWDEGsouYPItkV:iF6pu9a8kAmAQWQsAo
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes:
  - pid 2528, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes:
  - pid 2528, process AcroRd32.exe
  - pid 2528, process AcroRd32.exe
  - pid 2528, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\68436d79a85b35a018f7b34399315777_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  - Filesize: 3KB
  - MD5: c09b3141e82016dda19d92cb97060f99
  - SHA1: 38f9df2c6fc2143a5aea1e645eff470736eac597
  - SHA256: 4a85823fa23ca2fc3465e3c405357d496dae89c0f21a599fe23666f221681a97
  - SHA512: a5fb04cbd439f85b75ca55591a7e85fb9830841e9f5fe0e03092e339b55fd724ab16a9a0f2d1f6a333d8526dbb9f6d179c9fdf37a2b0c9d4b9f86d3c5ad183e6