Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system -
submitted
05-07-2024 20:01
Behavioral task
behavioral1
Sample
27171bd37242dcc6e71fff009f2b0a68_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
27171bd37242dcc6e71fff009f2b0a68_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
27171bd37242dcc6e71fff009f2b0a68_JaffaCakes118.pdf
-
Size
7KB
-
MD5
27171bd37242dcc6e71fff009f2b0a68
-
SHA1
5697546e5cde897eb7b1f82a226e22d0c7dd9e4c
-
SHA256
cc3f5b7f6b0d0994ad5cc5b17dd4a17b75be2426ba8e9ac3b9563ba2be5e603e
-
SHA512
be27afd26336d92f5ac221c5f82fcef6eea374fe81c9a3a8da82de2384b45639add007f0af69e9a811f51186307299a2a5c3a698eef02e6aff48d795095ae873
-
SSDEEP
192:YP5uFm4k/zxZLCNxSqiYuRs+G7+GAluUSRVGDNBE/tAdIYu:YP5uFm4k/nLcxSqiM7+UlVGnEtrYu
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2320 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 2320 AcroRd32.exe 2320 AcroRd32.exe 2320 AcroRd32.exe 2320 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\27171bd37242dcc6e71fff009f2b0a68_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2320
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 87acb0f0125e6fb2697dee45dc84092a
SHA1 c5fcca7dbd45564cd4258e105382c84f227bc1c3
SHA256 6138253cab4da60fb0d0306583eb42370d677983e28b8e7705cae8598e02aca7
SHA512 31725c8c5341c6e4da2056a7a824525c78b7cdc206d77edaf542abed0358e163275f27775619f077aa1c9024ed3b2cf663897567b19b3ba8e54e46e60806785b