Analysis
-
max time kernel
121s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
22-05-2024 20:01
Behavioral task
behavioral1
Sample
687083ae9842218e2994e0df1d9839f7_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
687083ae9842218e2994e0df1d9839f7_JaffaCakes118.pdf
Resource
win10v2004-20240426-en
General
-
Target
687083ae9842218e2994e0df1d9839f7_JaffaCakes118.pdf
-
Size
43KB
-
MD5
687083ae9842218e2994e0df1d9839f7
-
SHA1
c3d1e681feaffefea533411a1ad3db876b01c428
-
SHA256
a89c7a0e01b9c5baffdd13be19e6abee80af7570a91a669ae0fb83ce67e2fc72
-
SHA512
aa9af3463009c23442f7b653e317792a21b26f3ee095518a14c882aa3e3d580662c0bbc3bf568e1c79093dbcbb3a1c66a3552dfbf61b6ed22d99b71aae1875aa
-
SSDEEP
768:hlrzl2BTfxYaIAabEpDs7xfCvS5DC1npzc08HN2O14aVjVFis1oPuVLG/PmSWE5y:zAFpEb+DS0I21npl62O14sjVFis1oPuJ
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe (pid 2764, process AcroRd32.exe) -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe (pid 2764, process AcroRd32.exe; reported 3 times)
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\687083ae9842218e2994e0df1d9839f7_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
9fd1d5aa52e805b8d092053728a0e578
SHA1
21560818ae26ac0120c7894d9fc5b10b3de86141
SHA256
24f59d975b4c8307aaa8a2155c5ef360d81f2b506b0c3283f4075e23b77e40b9
SHA512
4fa869a77d411822670c9b639e7f716a3c96c712b8c1c08d446a3c3577eab139fa1acce0cf89d75110f5930da7d5eb9193883c766b6283db831a27d5a6124d12