Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
05-07-2024 07:53
Behavioral task
behavioral1
Sample
26c612412b5b16e469d5bcbb575b808f_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
26c612412b5b16e469d5bcbb575b808f_JaffaCakes118.pdf
Resource
win10v2004-20240508-en
General
-
Target
26c612412b5b16e469d5bcbb575b808f_JaffaCakes118.pdf
-
Size
9KB
-
MD5
26c612412b5b16e469d5bcbb575b808f
-
SHA1
e101fd0abce9f55a52d807212aad223090cf8193
-
SHA256
ca7c5dea45135f52d6a6d6e7466f605e944fcf897ac7f1813828f1e203c4502f
-
SHA512
77a5c15c4db6855acc2ecfdedcbbffe6de1ad1a6bde7a0519d65bf039bf99883a4f5cff5a4915121802caf66757a6dec0f54baa869173174a487c07718532a8f
-
SSDEEP
192:YPz4ULMxLIKXHsfyxfsPhL9FahbU8TvCQuQXAUow6QMcwGx1kFUUeluKqBKkCU:YPz4ULMxLIKXHsfCfw+LtlDowysx+FZJ
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2412 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2412 AcroRd32.exe 2412 AcroRd32.exe 2412 AcroRd32.exe 2412 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26c612412b5b16e469d5bcbb575b808f_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2412
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
d48f1edfff9dd703cbd7d5ff14765a61
SHA1
e1b477b2287bc3715d10cf28f2f3dc481728058c
SHA256
7d4970f4ebbf48957bc7687752bcfdc6949f212b655e8574f1e818120055f170
SHA512
6fffd5a30bbef3f7e7e78228987f8827cc7400f424f4940f3fd029d05f6caa02e838523d5679e419697be2715f0bbc172f5931e764aafc514eb00c2ac9136b73