Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 05-07-2024 00:07
Behavioral task: behavioral1
  Sample: 26be3191fb17e6b25b66d918a4255d0c_JaffaCakes118.pdf
  Resource: win7-20240611-en
  2 signatures
  150 seconds
Behavioral task: behavioral2
  Sample: 26be3191fb17e6b25b66d918a4255d0c_JaffaCakes118.pdf
  Resource: win10v2004-20240508-en
  6 signatures
  150 seconds
General
Target: 26be3191fb17e6b25b66d918a4255d0c_JaffaCakes118.pdf
Size: 639KB
MD5: 26be3191fb17e6b25b66d918a4255d0c
SHA1: 940e26f08d7f23317873399ca37551ba36979868
SHA256: 4287c4e5c5ccdbbacfa505f78770a008f0ebc7dafaaff0fe2f3176460c06df4b
SHA512: 8a9df7cfbae4bfab81994e4134562ad1b72462aa19ea8641626a855d6d4cd09376f28dfa3da25220d07459c210afc177f3e2bfaae39c17ce3fd9cb3513974cdb
SSDEEP: 12288:ISeLEFCcFIONbsT465paBqoHLNHPP6ldwD7oQ587icNyJH6/P/VLbxAcHZNdY:IzICcFwT4+paXZywDP0yJH65NdY
Score: 4/10
Malware Config
Signatures
Drops file in Program Files directory (1 IoCs)
  description: File created
  ioc: C:\Program Files\Common Files\Microsoft Shared\update.exe
  Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2024, Process: AcroRd32.exe
  pid: 2024, Process: AcroRd32.exe
  pid: 2024, Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26be3191fb17e6b25b66d918a4255d0c_JaffaCakes118.pdf"
  - Drops file in Program Files directory
  - Suspicious use of SetWindowsHookEx
  PID: 2024