Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system -
submitted
05-07-2024 15:18
Behavioral task
behavioral1
Sample
26ff62e5ad798d26301926232919c8cd_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
26ff62e5ad798d26301926232919c8cd_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
26ff62e5ad798d26301926232919c8cd_JaffaCakes118.pdf
-
Size
9KB
-
MD5
26ff62e5ad798d26301926232919c8cd
-
SHA1
40a7c56d806ed9f4dc333f9f4f448f45fe253a95
-
SHA256
ec855d6db318d6ff0257a81bb7228c09b27dbf2b4d92e626510e02670c038c6d
-
SHA512
3fc6b7097eb73aca9de667612a599561bf58847d8ccab53296ee4911986e2df0aab3f4f61596e5c32d1e2aeff8c45a112b4c01ee7aafa53761ad5a0e8f4d1f9f
-
SSDEEP
192:7Pz4ULMxLIKXHszsdAJUl4ASIGE5tPBT/qv6BTz0th1gnjRIZgQaAqQAzepyQkCz:7Pz4ULMxLIKXHsAd6Ul4tmlR/qoz08jC
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2460 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process
2460 AcroRd32.exe
2460 AcroRd32.exe
2460 AcroRd32.exe
2460 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26ff62e5ad798d26301926232919c8cd_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2460
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
603cb81435689666927d719c77d56034
SHA1
c63d3096e3ad07adf3cf5ca8e50912167cd4382e
SHA256
322416a653808249d946adebdfb0640c5bed067e3bd8780afa9af9f46b5ca619
SHA512
5e1acb501979f664be9b35f5272e33017195caad6192b53e6b36225f53f65f02b04564b022b8bb8bd9662a4e9081a02d5da4322f18d4dfd78be8df5af1d78654