Analysis
- max time kernel: 121s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 13-06-2024 09:33
Behavioral task: behavioral1
- Sample: a4dd8c5fe4e72e1c771331984eadedd1_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: a4dd8c5fe4e72e1c771331984eadedd1_JaffaCakes118.pdf
- Resource: win10v2004-20240508-en
General
- Target: a4dd8c5fe4e72e1c771331984eadedd1_JaffaCakes118.pdf
- Size: 48KB
- MD5: a4dd8c5fe4e72e1c771331984eadedd1
- SHA1: ea63d3746d0a8946769958f35245734f8faf89f4
- SHA256: 140e09d3795d6c2d9594d785ad2b6b3646d695be6b82bf0435c5610ddee52fc3
- SHA512: b5c53a218fe7775de8a5d07bd45a0daf586dbfc9753d13413d7c58835207f72ec56773cfd2ea5fc187773b8d7b65904bdf0f2c4cc2256751aff6d29c8789e9b2
- SSDEEP: 1536:ZGFh8OI4LLV+f5ARBkE9KqYp0WuT5br/W:sFh8Oj3kBpk5ba
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid   process
  2104  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid   process
  2104  AcroRd32.exe
  2104  AcroRd32.exe
  2104  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4dd8c5fe4e72e1c771331984eadedd1_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: a1611a6b96164a66705513e1615c60fd
  SHA1: 94ea5d7c8edfb3132c19ea3aadf30c0ec5600c35
  SHA256: 5a5d17c24f4e6efb5786c585999a92de6592ab4d3866d196c0bfff2d87c593e4
  SHA512: feed0fad58c9bdd9a7b5c6defd8e8060349af3a4e52963065b6cc1d907f644de61967c58f3dd315cf0cdcc2898e151261bb0f38d59ceb890de43e49a24420556