Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
13-06-2024 09:19
Behavioral task
behavioral1
Sample
a4d1cefb1287310a0ea5775348777c15_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a4d1cefb1287310a0ea5775348777c15_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a4d1cefb1287310a0ea5775348777c15_JaffaCakes118.pdf
-
Size
50KB
-
MD5
a4d1cefb1287310a0ea5775348777c15
-
SHA1
4aceb142a80689218590cb56be737fca6bbe4a17
-
SHA256
490036d4dc9b5534de1bb95a379a991d7a81d06b1f61a2e5ba927b529b0dac51
-
SHA512
59978cac7741fe785b93f1e96515d4446e1a6ac4847a3a093018c9b18bab624f39f0c9014f3af88ad957d64e03a3a56395325720f12c5ae0fe95615f32132531
-
SSDEEP
1536:pGFGprxb8t7tsBm+/+p8EELtbMDC1Ldbg4/:8FGpJ8rzl8E0eod3
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2056 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 2056 AcroRd32.exe 2056 AcroRd32.exe 2056 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4d1cefb1287310a0ea5775348777c15_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD54f9a7849c1f02115e2fea79810a5261b
SHA115c7e9bfd8708c5cc829ce685695d7c0d7816e38
SHA2564d8daf143f433fc6d97a173a5444da8ac1fbc49a1291ad01c25eeae301c4d4d9
SHA5122ea81e749ec788f5e780976b251e498bcdb0e4bbff74f489add0f152128af321dcb59353ba7ed08f7048b728fe91f5781518fee358feb2aecd5c9f484541559c