Analysis
- max time kernel: 118s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240704-en
- resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
- submitted: 05-07-2024 20:05
Behavioral task
behavioral1
Sample
271782b93ecbcb67d865266b919300de_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
271782b93ecbcb67d865266b919300de_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
- Target: 271782b93ecbcb67d865266b919300de_JaffaCakes118.pdf
- Size: 9KB
- MD5: 271782b93ecbcb67d865266b919300de
- SHA1: f6dd713dcead9aa0f17c9720c7787417afc796b3
- SHA256: 8126d1c0127cc2ebb97d9f5189693109b66a81274152557acb0d408bed0cdd09
- SHA512: 58250bc4e97cb5dfbcbeaaaa766b67ed2a718bf723e6b1cc455b3c247b6f7ae0d6bdaafa9424cd1f75b487c09a6802ea27d06d7452bdb656b49a2834c1208133
- SSDEEP: 192:jPz4ULMxLIKXHsfyxklqwfwEBY5sglnJLc7jo2oMTR7R67/T6xovwGZQKkCT:jPz4ULMxLIKXHsfCkzkyPzx0xrZQKkCT
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2056  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  pid   Process
  2056  AcroRd32.exe
  2056  AcroRd32.exe
  2056  AcroRd32.exe
  2056  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\271782b93ecbcb67d865266b919300de_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2056
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: ae96ff27ca7ab74260831bb702bdad39
- SHA1: e4c4cddf02e4e2b961217537161d3a7bd5e3e05c
- SHA256: 38c19e6f07751172f5482f1192375bd71fcd2beeff5d16fede3f37394f995dae
- SHA512: 5cf9f7e9c44eb8051c10ab66ef4a4229d162bbebb53f55c11b02eeaa73ee8a993391539790b5bd0626ca19ba48228d884e3078d56a528b4d0ebe8af1d5c9c012