Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
04-07-2024 23:37
Behavioral task
behavioral1
Sample
26a84bfa933d9f38764acb3091d58f62_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
26a84bfa933d9f38764acb3091d58f62_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
26a84bfa933d9f38764acb3091d58f62_JaffaCakes118.pdf
-
Size
7KB
-
MD5
26a84bfa933d9f38764acb3091d58f62
-
SHA1
f65bc4fd4bbf6943d4141273bb88e7f0522d048d
-
SHA256
7a584f8245a7564ef70ee81b6575ba16f0041fab211f5d79ebb434c713506c67
-
SHA512
7b1387dc3b2981c78eb6a581c2e4c7f0c5d8e9c58d65451fbcaa169c7145153d0272c082e5932d24785518673f6e936165a199a2e67c83d2a2536652d3e78150
-
SSDEEP
192:QP5uFm4keDmP1+bcTt547oprSTRX6LttbJ3fzfeY1:QP5uFm4kz1+bg547oprmKttbJ37feY1
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2756 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2756 AcroRd32.exe
2756 AcroRd32.exe
2756 AcroRd32.exe
2756 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26a84bfa933d9f38764acb3091d58f62_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2756
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 c08bbf2db1bef7812d1167a91d9bd859
SHA1 4055fc48c5d6c10327a9792af18d2d2801fa9b19
SHA256 b42f6b1d2666c35bbf72f7197165c3f62ac82c0e19f61667641f78419001c159
SHA512 309546293ae7d403c691ed47347a7a82c86940754f8cd771a17265d4ff4d56c87c4aca6f279a21f67d4518ac0a2c33934bbe8b95029d16571aedca67f7e6697e