Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system -
submitted
13-06-2024 09:13
Behavioral task
behavioral1
Sample
a4cc221acd81a4788544cf99321dc0c6_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a4cc221acd81a4788544cf99321dc0c6_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a4cc221acd81a4788544cf99321dc0c6_JaffaCakes118.pdf
-
Size
42KB
-
MD5
a4cc221acd81a4788544cf99321dc0c6
-
SHA1
2977c9e5364d690021efbe1f0cec86700994f710
-
SHA256
362d6ab250468dff78ab8e25af2d7b1cd693817c730f4c9358ed44f0ba541fb9
-
SHA512
02ef6e443c3e6ca2a7dffe0e2ca1fe345c96501884d8768689310865c4221bde9242b08f0e01da29e76af8932b161f23cbf47c98b69f261595848bd94b390a2d
-
SSDEEP
768:e0EAr2yR5B+kaMEsmyN6l7VLG8myufDQpaWFS2xJRbQ1i/rLvZDnpxCnCckEeHme:Aq2yrB+wEszyVLG8myufDQpaWFS2xJRf
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2032 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 2032 AcroRd32.exe 2032 AcroRd32.exe 2032 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4cc221acd81a4788544cf99321dc0c6_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD51ad3898821c622961571cd803863a07d
SHA14ef02bcf9072750da6f49a2443daa18044e19849
SHA2561efc0ebcb36a0507cc1ffeab73ee1ac6640ad2f66035885e4064956a4a714ab6
SHA512c65836ac8c3f29434b995a07fece1c5d25067d0ac7f6708cf0f73277fc9967d88742aaaf73e8a5e4cad06a9f70ca5ecf04b6d7cc62ed58b73fdb9dfefa256c42