Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
05-07-2024 10:43
Behavioral task
behavioral1
Sample
26dc08a3dace347c0428959b581c4ea3_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
26dc08a3dace347c0428959b581c4ea3_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
26dc08a3dace347c0428959b581c4ea3_JaffaCakes118.pdf
-
Size
11KB
-
MD5
26dc08a3dace347c0428959b581c4ea3
-
SHA1
b374726341a392a151909a21a37fb6d3a8c4b285
-
SHA256
11548f02b8a68ff426151f537a25c320d02a0b95a1aaaa78634fcdf16a5e4667
-
SHA512
955b51ccf233d0657d405157f9c44ec3b4bad9a236f7403105a68692deb062c96a3ecda511165c9b6c2c40069c49c60039b6d3c1718db87f8a4bf3b37ab66f6b
-
SSDEEP
192:EPz4ULMxLIKXHwmBQbVFHP5eMw8AfyanZivmLhVXIAnz4lySpx2sS0CADl/Z89MT:EPz4ULMxLIKXHwm25FvvwGKll8pxlCeZ
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2380 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2380 AcroRd32.exe
2380 AcroRd32.exe
2380 AcroRd32.exe
2380 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26dc08a3dace347c0428959b581c4ea3_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2380
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
8583fba28beb75431fe439d9035da357
SHA1
2d10c6db6e0428a32ed1aa7280b38c6c99909849
SHA256
aba2ef463f005d88fb735e9f99aa4cf07e8c8e495792ca4aa139e52f551c2cdb
SHA512
6a3dcdac5c4909b2bd5ff92b8d9ef40501c416b60cb8d4fd090d492724c9cac377070c85d96b8f71dbe851c764f5b63e0a34a8d1396d8d26ea34b78118efe470