Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
13-06-2024 09:31
Behavioral task
behavioral1
Sample
a4dc0b4b1466c0b58f793f6c5db28af3_JaffaCakes118.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a4dc0b4b1466c0b58f793f6c5db28af3_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a4dc0b4b1466c0b58f793f6c5db28af3_JaffaCakes118.pdf
-
Size
98KB
-
MD5
a4dc0b4b1466c0b58f793f6c5db28af3
-
SHA1
ce3d28f8877aab8360efb9b3885ea288018d6974
-
SHA256
57cc9cad33cae1a8770d9365ae8ace3f0edeb5c850bd406ff5567ead329e0e0f
-
SHA512
7d7a685578ee24a3e5424ae67ebc46c14e94994944295420d8bace0c0ecf22b0a941c2cf9b5c9e69075e6003c8ec528ff1e686e7943688ad9c77b62b1c00867f
-
SSDEEP
1536:gGFOpXOg2Fvsh/dZqzF0VaGX91aqgMOkLRa7Q7XlwNWgNjzQtCFBxsQGwwsb00Vk:tFOp+v/qkGX91EzdSqZjgQG7XBfFUkT
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2244 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2244 AcroRd32.exe
2244 AcroRd32.exe
2244 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4dc0b4b1466c0b58f793f6c5db28af3_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize 3KB
MD5 5a4a5bd4c5fd04a2211204915291729f
SHA1 ce7d6e842a5d69f7dab182b1a027b197939df8be
SHA256 041b284780200b101d47ed0e0fff7e8e66c41446be97243acb4aea10ff9c1e50
SHA512 617a7195a54cd4e720e578a1913156e19576c8d02bae54959706b456ed76e7ff33bc22a6850e6771e53e99b18e0153c2d6f7775e995e4a28607033a8199a1103