Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system -
submitted
05-07-2024 13:23
Behavioral task
behavioral1
Sample
26f09b78f0cbe08b5bb08b43b315f5ec_JaffaCakes118.pdf
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
26f09b78f0cbe08b5bb08b43b315f5ec_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
26f09b78f0cbe08b5bb08b43b315f5ec_JaffaCakes118.pdf
-
Size
7KB
-
MD5
26f09b78f0cbe08b5bb08b43b315f5ec
-
SHA1
f749f9b05417b5e4d762c816290340fd50ef2e7b
-
SHA256
2ce04d190ddd97e0452669d4db173ff73a393f152360f4a2d715442052f3eb65
-
SHA512
82413df3ab41dd81f0f6c44b8125a6c1bf07161d93d7160f1d1bf2f1c44c286efd57a6c35ec6f61875264a508779ae90ed032a2cb7aad6526d40cccc129e9ea2
-
SSDEEP
192:oP5uFm4km1fw4okGjFzW11XVnWBrjBWR+o1ttaRYchkyKYS:oP5uFm4km1fw4j0Y11oNWRr1tt64YS
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2992 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2992 AcroRd32.exe 2992 AcroRd32.exe 2992 AcroRd32.exe 2992 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26f09b78f0cbe08b5bb08b43b315f5ec_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2992
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD51511405b282071ddee0b202bfe495970
SHA197c2614b902f038fc02288adc6f768effdbc3068
SHA256fa776af213d296ea281844a0e7bed24527e80e418601b031dfced57a3138a1a1
SHA5123807e193ca7fefc942607343b3a5866bc373c79cf5a4c40d4dfdc24cc9ee51f8186a1a17052ce784b0f213984190d6256439f6018cbb3e6b51b2a50d23c6464a