Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 13-06-2024 09:13
Behavioral task: behavioral1
Sample: a4cbf126e9aa5fa66c5d6af53c7fe350_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a4cbf126e9aa5fa66c5d6af53c7fe350_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: a4cbf126e9aa5fa66c5d6af53c7fe350_JaffaCakes118.pdf
Size: 38KB
MD5: a4cbf126e9aa5fa66c5d6af53c7fe350
SHA1: beda31478c21d0c5a18229d2f870d1ae51b3a62d
SHA256: efe2c9125283b00d1a5e6916cad97aeb468bf9aa6adf00468ee3483f3fef99bf
SHA512: 28c6d2a63195421f4f34ff075883f97fe651e5e262b7fd00f4e8198a2a531bb6e9dceb2a81e069ae37d9417d56cab2679c7649b00d9ae2e9c86fc60f860a3169
SSDEEP: 768:CsyiGB4NN2oGuuTfBe4m4eGEwq738vEyyOnpyNIebQp+JzgKQbaOsKBYfpWnh5SD:Csf+8FuFepxX738vEyyOnpyNIuQp+JzN
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid     process
2452    AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes: AcroRd32.exe
pid     process
2452    AcroRd32.exe
2452    AcroRd32.exe
2452    AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4cbf126e9aa5fa66c5d6af53c7fe350_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize: 3KB
MD5: 15fedd09ae557a46c08253bbad5da812
SHA1: a3e61f4206b3efb99040eac0c01603a132d396d0
SHA256: 677d1e44d35dbf8a747ea4883872a23bf7ae95fcf10967581fb3aaadb7bf7ccd
SHA512: d910f883b18b9570c8e8578574ae75d4e579b51b6bc6cd4f6e4dace2000a03ff4024288472341174c9e481a514f8c169892500118dc0aef53d05d93374b7ee38