Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
01-07-2024 07:42
Behavioral task
behavioral1
Sample
1a7a043fafd773726b8e0853a34af78e_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1a7a043fafd773726b8e0853a34af78e_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
1a7a043fafd773726b8e0853a34af78e_JaffaCakes118.pdf
-
Size
3.7MB
-
MD5
1a7a043fafd773726b8e0853a34af78e
-
SHA1
739f351a08a3d9ce2dd054b49351aaf6fa376e82
-
SHA256
d263478566ac5937bc0be540359542170c4673ffe17ef4238c4fdf7b32d4f396
-
SHA512
e83d6a9964916e213162f101dba576e5d3b37effacfb815d9c018a59e2ebf80ed894a73c835167bf206e39aaa7fc09007c14d4cbb66b5dd96784e058899fde7a
-
SSDEEP
98304:tMvJQ/sy7IhoVUpSaZMDuX3ostnLF05m4mefA1:g2E9pSaZMDe3vtLe5mga
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 3024 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 3024 AcroRd32.exe 3024 AcroRd32.exe 3024 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1a7a043fafd773726b8e0853a34af78e_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD56ff8438ac4d74fde9ab57c5e21a9c54d
SHA1530726d6bbdb9fc4062a82a27ef215ed2f4d6276
SHA2567d9e2f7d47268991fcc965bb4e82539c3a13058563b6e3831fc925a789e63c5a
SHA5128bccf84b04a4d14ec3d272cc78d6ccb00e391c29cd5f0eb3e7350a716be689983b5aa08fa4b18bf56bc46c232c1105d4d1c1293497c7d2ce8b7b5be6057136e0