Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
01-07-2024 08:40
Behavioral task
behavioral1
Sample
1aa3980838dd02337ef7c8330615aa6c_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1aa3980838dd02337ef7c8330615aa6c_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
1aa3980838dd02337ef7c8330615aa6c_JaffaCakes118.pdf
-
Size
91KB
-
MD5
1aa3980838dd02337ef7c8330615aa6c
-
SHA1
6163d91bdd2b0562e84a62ce652639666e64b207
-
SHA256
a9a0afc74cf620aa346b31adba9bf725f01b8cd0f65714ed0a9ae2406f46bc16
-
SHA512
f4976ba9beae915e4279fd02fbddf2b2b19097835fcbc7a56cd29274acf3667a07eb8a9f3a4066e3b966593a5dc9eaa60e17c7f374c54cd32ad5bdabef3cadef
-
SSDEEP
1536:gd+Fk/SrD/5hPgKZ4PCEAIZdPVc3RYPxwNuFJCW05M8CBxjpaWmpOSusye0vXr:6/SrDxaCIZ2SlJRxjpnSusye6r
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
2896 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
2896 AcroRd32.exe
2896 AcroRd32.exe
2896 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1aa3980838dd02337ef7c8330615aa6c_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
cf4138e7f56ac1b2bea2fa9b6acd3852
SHA1
25bc3ad3a4de98b9af0c304d24139ff5b0f29d36
SHA256
280a81cab00b237e97bf694c875f9550a97b6103151ab7b271f68fd58813c2b7
SHA512
5d80f30143de5f4bac11f190a120d1e8c27b8cc61387573b35b8806f1871b4c7e405f3c72b8cd58e64d714f94cf05e32951bc31ab912bd6adfaeb24f69422be4