Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
01-07-2024 11:07
Behavioral task
behavioral1
Sample
1b0f91d882f0916e2d0ddeb2c4a9f324_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1b0f91d882f0916e2d0ddeb2c4a9f324_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
1b0f91d882f0916e2d0ddeb2c4a9f324_JaffaCakes118.pdf
-
Size
81KB
-
MD5
1b0f91d882f0916e2d0ddeb2c4a9f324
-
SHA1
900c6c1a0509daae3947cea3051de22bd6f5e570
-
SHA256
c7208808082f54132583f3ab75cd59bbded36e5e150ec65d8a52e15b2c2ea9b2
-
SHA512
94b5a4f1c8b99bfba365884bdab37df5093ec11dd0b9913cf0f7b9d0e9e2e664d2b587ff493f295c74eb99eaf3aa438625923f9360f3f74bafa969c38342f8d6
-
SSDEEP
1536:qjnaBEQpUCzsSRE/nd0bgHuj+mnWdzTMFiSUKx3Mp3LEWk84dUf/OJaa3JWepOZj:VBEtC7EFwournW1TMTUkWLx4diGr3+Zj
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 1868 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 1868 AcroRd32.exe 1868 AcroRd32.exe 1868 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1b0f91d882f0916e2d0ddeb2c4a9f324_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD57a88f998561db97ce1ea98f5a51139e5
SHA1f2405da4127400e4b415d9d0e0a556edcfd6ac86
SHA256f6f6302da4a78d303d30e9bfb25035fd4f9fdb5e30226527dd05098c00bf47d5
SHA5121cc17d385d7081d33a3632a623a78a5a37c27589f9a8b8dfcdd67ab6727ca8e60631462dc32ad756b88bdd074db8bed0ec4d77c6811669955bd8f539e47932f2