Analysis
- max time kernel: 120s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
- submitted: 04/07/2024, 21:03
Behavioral task: behavioral1
- Sample: 26337219076024aaca2f0738cdf84798_JaffaCakes118.pdf
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: 26337219076024aaca2f0738cdf84798_JaffaCakes118.pdf
- Resource: win10v2004-20240704-en
General
- Target: 26337219076024aaca2f0738cdf84798_JaffaCakes118.pdf
- Size: 87KB
- MD5: 26337219076024aaca2f0738cdf84798
- SHA1: e24e3eaedd56e84cd633900f34477540dc463649
- SHA256: b2338b1c260ddedf458234c3afc4b6dd5fa341acf2c605af0c6a898bb5d80943
- SHA512: b5fc18a48aec78e998dbae2d42efdfead19d8dc6c93f8837d4ea71a25fc39de18267fae9dba00592c1ad476b7382a1e9aa19743dfce366e254dcfa696bec6cb3
- SSDEEP: 1536:fAncgc30F06piQrNSriZFQGSLYrDW3T1q6X6lSF+ZVHVRKW3m6Tu1n5qMR6W8pOr:2bxNS2ZdtnWD1qWHFOVLm6T6nHRB73
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  - pid 1616, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  - pid 1616, process AcroRd32.exe
  - pid 1616, process AcroRd32.exe
  - pid 1616, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26337219076024aaca2f0738cdf84798_JaffaCakes118.pdf"
  PID: 1616
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: 22e5fe8abeefd42d65b7a5df6dcad2ff
- SHA1: d2ece7fb9f43e9deea2a29f6b912f0076f69153c
- SHA256: 3b233350900ff45a93c26a170163e9d952134cd409431a76ccc596fc4cf7823b
- SHA512: 577513234772571546d5058bebc449f6c311f58f85260847ee8d51e1d71f00a90ef9447c66b2ce898fe25d0b152a088244193eadec748c13131464f43ac20e8b