Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 01-07-2024 10:07
Behavioral task: behavioral1
Sample: 1ae1bfef9c120f5644ebf4f0825944c0_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 1ae1bfef9c120f5644ebf4f0825944c0_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: 1ae1bfef9c120f5644ebf4f0825944c0_JaffaCakes118.pdf
Size: 84KB
MD5: 1ae1bfef9c120f5644ebf4f0825944c0
SHA1: 9065dda4a3a9c263cee9bbd98359c324d9b65a1e
SHA256: 859717b0b86ab9efe4c04739bef5fbb14a14674235723c93fde5b34fceb050fe
SHA512: 8f9be231b7bebbf7571570000807d5cfe5eb11a67f772aa6fbd933f14a8445e768c74ae3c66ecf535e4d844efd8b315fd551544ca4149fd49fdbd9801f692fd0
SSDEEP: 1536:YnzqKFvSmTjmYS8bnal4/ZYdRKCarR0c1b2VTWXsJtNWapOtQH12tpwJkh:GDFd+FYnSmeRKCa1H1M1jStQH12AA
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid 1040, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes: AcroRd32.exe
pid 1040, process AcroRd32.exe
pid 1040, process AcroRd32.exe
pid 1040, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1ae1bfef9c120f5644ebf4f0825944c0_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize: 3KB
MD5: 77e9bb239786a7874da4dc0a754d726e
SHA1: c8176bf7e759dd5e9422095484f0f1a1ae7d410a
SHA256: 24ce4c69f4f8b19011572f1511b654997c24cb0ba6f35f2d0c23d61c95089475
SHA512: abfdae9dbbec012f6ee178ae43905534abd4e918c0cf9f3506eee01f8fb20df68b7743ff684b8b0795e0d536d3b0724b905f361dc068531eb76df628f4e73e2e