Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
23-05-2024 00:52
Behavioral task
behavioral1
Sample
6933e70ea8e9a277db8b5dbe085b9592_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6933e70ea8e9a277db8b5dbe085b9592_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
6933e70ea8e9a277db8b5dbe085b9592_JaffaCakes118.pdf
-
Size
34KB
-
MD5
6933e70ea8e9a277db8b5dbe085b9592
-
SHA1
af7712501fd43dea376381318b0c7e1b4e68a67a
-
SHA256
088ffec0a6212639bc6bbd3a2915d0d4dd2663933e1dedb74ec2d0d22c4ffa86
-
SHA512
508375cf8fa723103c1789e857c114f937c8a3c083befac898abf8dac31935d1df10c1e10c09d9723a8742fd028378de1dd1404ee1b6174b5b974480a63a5255
-
SSDEEP
768:OTtTUtGgnaVMVxit10PtVNpDYaQDWE59XuMZmwgCLWarNr:OxqdsMVxit10PtVNpDk9XFZmGWSNr
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2124 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2124 AcroRd32.exe
2124 AcroRd32.exe
2124 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6933e70ea8e9a277db8b5dbe085b9592_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
65df23ccb8cd9018466f3aeda3db0758
SHA1
b63525e7d603acaeab4a5c0fccdd3fdf01f0a60c
SHA256
04ea7898af3efcfa49e2332c3db1d3e80e2a671cd4bca1adf65c6eac64bd285f
SHA512
0d8e2e7c3cb16429fbb61f1f730b1d3f7bc15d67774c5d496101e531c40ec567085012b4b77db4dc6722ea1a953790d0d71aeb6e84b62ed039bc20df2aa62a58