Analysis
-
max time kernel
93s -
max time network
20s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
04-07-2024 21:48
Behavioral task
behavioral1
Sample
26577b00b28af00cad99e969effe076b_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
26577b00b28af00cad99e969effe076b_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
26577b00b28af00cad99e969effe076b_JaffaCakes118.pdf
-
Size
8KB
-
MD5
26577b00b28af00cad99e969effe076b
-
SHA1
e1d0dd23fbffe021377e47474d332ac249e01c50
-
SHA256
d4aa4e12a7bc259253ddd8cdcc2efb2a5a14bcf255024672b25a51c045e5daf4
-
SHA512
e858f37666ccda0feafba54cedcab28e1662dc1316dc908a7e090c006735c3dbd9cfbcc2a7caee055b8246d0bdb7132c9e3d759fe8192689d6e664a8eb6eae15
-
SSDEEP
192:CP5uFm4kkZiE6DPYI061OQoBUA9Jpb8ld9oAtdIm5Yd:CP5uFm4kkZ/NWsQG58dWAtdIQYd
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2388 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2388 AcroRd32.exe 2388 AcroRd32.exe 2388 AcroRd32.exe 2388 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26577b00b28af00cad99e969effe076b_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2388
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5d593f9a01dd4b35f22be847234b01d20
SHA1d6f303b73e6966e78bccb73038fa7d730f22a690
SHA256284da1c674204f350db24c41ecf5518ec28130b3697dbcddba4d1b4443537802
SHA512145bd638dc1c00748162c7b1f3a62329fb7905ccd5c8232e0792d7a15fe96954acc539fb14828b6e7549f4dfacd9ab85c17e7854660e5a16099387a5a441923d