Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system -
submitted
13-06-2024 09:28
Behavioral task
behavioral1
Sample
a4da205cd6c8411f851f5ba7db40d4db_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
a4da205cd6c8411f851f5ba7db40d4db_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
a4da205cd6c8411f851f5ba7db40d4db_JaffaCakes118.pdf
-
Size
33KB
-
MD5
a4da205cd6c8411f851f5ba7db40d4db
-
SHA1
1383c77b15d629641f6de0ca3666cd2ef48de7fe
-
SHA256
dc69d1a61e1ee44d229c1f73097c76ab34f05f522362947983104e51d86c3ccf
-
SHA512
6367d008425228fff8b912433f26feecfaad17034ee12c6f97043a504e729274f551c45105cb777d034b3df93e4e8abb30934706bb0a93962ba1ffa4d3dc7c69
-
SSDEEP
768:qXuMZmwgCLWarzaZ91sre4qel2IfTgGVIOHLu2cDm1:qXFZmGWSetal2ETgGny2ca1
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2172 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2172 AcroRd32.exe
2172 AcroRd32.exe
2172 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4da205cd6c8411f851f5ba7db40d4db_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
-
Filesize
3KB
-
MD5
2547e177154bd68d559838386c0a1c43
-
SHA1
60b7ae7a0b4479a273436dadc259de71bd9b4edf
-
SHA256
aeceeea620b15a87a521799b635f1745c742fa0b38f06a0ce44d648efefb593f
-
SHA512
eadc35d47b34f39cc1fc4c34ff8b9642f144906a9343a66b2b6c9e5c0259f325e699300f402f007c20a62e3d6534538603ea0ce88ac25a2b0518f0795887cc4c