Analysis
- max time kernel: 118s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
- submitted: 13-06-2024 09:36
Behavioral task
behavioral1
Sample
a4e159ed34d7c243c62d87f9b523fa66_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a4e159ed34d7c243c62d87f9b523fa66_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
a4e159ed34d7c243c62d87f9b523fa66_JaffaCakes118.pdf
-
Size
128KB
-
MD5
a4e159ed34d7c243c62d87f9b523fa66
-
SHA1
ee0f4c5cd812c48e296c0fd262aa3e821ca341cc
-
SHA256
ef4ee6313b5cbc7cef0d303d89ec1263a27603383fad7719b9e7d27d671b26c9
-
SHA512
d5383aedacc079d218181fd8402b99195e7e86bbf5f8d681c0445c6e3995f3fd91eecbb7fa3d99b66b9a9d9963b333b1814eba1a3b9a3f55f07ebe39795d3203
-
SSDEEP
3072:UysEpuvbX7Sn9ZV8Kfxwu3eEZhLEh9eHHcnYNsLyp:duvXw9X8KjeEzEhUHEL2
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid 2576, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid 2576, process AcroRd32.exe
pid 2576, process AcroRd32.exe
pid 2576, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4e159ed34d7c243c62d87f9b523fa66_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
1bb9ab6af07948949eeec130e27d9eab
SHA1
029f94691d7c464b6ab727f96919d676ff44d6ed
SHA256
311487619418c1196398bc195c07ec3fa8093cc2c6c2a190d82a712ac2d18e06
SHA512
d664876bc12ca13796f4b0700c78ae64ddca33538007e3df55a05217ec01be6e56a4477a970c9d9306e837b3d274c5a6e8f805c92625060a0ae3d2c605fc30dc