Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
04-07-2024 21:07
Behavioral task
behavioral1
Sample
2636d4a653641ba6807038967f679808_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2636d4a653641ba6807038967f679808_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
2636d4a653641ba6807038967f679808_JaffaCakes118.pdf
-
Size
9KB
-
MD5
2636d4a653641ba6807038967f679808
-
SHA1
78deefc4e1dda6e74229ebc316031d4c2418c88e
-
SHA256
8cab88409e20fc39347e514b64c918b8fdbdc626108b5fff27417ae12bbeffad
-
SHA512
361d7b5d545755d3c79dcba2cdc29d599c2a9a9591744f765f7b271dd5ccb052a261033805d857ac67321e9b5e1ec87e32fb069fbb1510fd4e946f7e66674fdc
-
SSDEEP
192:VPz4ULMxLIKXHsfyxxdkL99uWKm34b1NMcJ81OAHOYBlrEvh8QtHBhhXwtPai1kl:VPz4ULMxLIKXHsfCxW99bd3A17J81BuF
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2020 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2020 AcroRd32.exe 2020 AcroRd32.exe 2020 AcroRd32.exe 2020 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2636d4a653641ba6807038967f679808_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2020
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50bce5d4460d7949cd912e801a93c53cc
SHA10dd00c2f77e0151646b9b83a9becb435d8a66a43
SHA2569f2b2787616bb965ea0b12617e7a278fbd1a7a908d785053a203b15493b6732f
SHA512ecaf0ff263325f86fad7c142ce74e2da8fec97c8e8794b582671e5b0036b55a764181cb8ee7e7d21938b6f44530ea82ae06cb3518326fcde87fdb5b7c868d83f