Analysis
-
max time kernel
120s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
05-07-2024 21:11
Behavioral task
behavioral1
Sample
27207ff3391001be4ef813d8676b32ea_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
27207ff3391001be4ef813d8676b32ea_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
27207ff3391001be4ef813d8676b32ea_JaffaCakes118.pdf
-
Size
15KB
-
MD5
27207ff3391001be4ef813d8676b32ea
-
SHA1
cb89f868c4f0b0744c7b58bdb17bf4f9ec020374
-
SHA256
2f25ca57256f3690dba5f29b08c7dcf6f28fbb37eb6b3d1ed4d7e42278df553c
-
SHA512
ca5f40ceb3eb615736de16558f344def475291034cb2419d413747286a4ab453e7d21a1b107422289addcff0943ced4f36fcbae2c84c30e069e59671afa43e5e
-
SSDEEP
384:PP5uqkIxVgAV8EY1BiMit/zaV0G3dHfiRvY4WCPrMEBXbQpwvnYq:rIEyV0od/UY4722/
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1616 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 1616 AcroRd32.exe 1616 AcroRd32.exe 1616 AcroRd32.exe 1616 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\27207ff3391001be4ef813d8676b32ea_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1616
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD58c91daa4d4a1a5a4710060b3fc675ac7
SHA11114f47d9520e823d5aef483fe68036ddff30935
SHA2568606508297c37bfd85fd46d095a6547c05f1e2a89c29ce9516fbdc0e3dd67521
SHA512acf562e2f8406a5c98f048f46e47a41138d5ccf829e6376748dd4062120ebbad0a32471c27adba0fc3c803d41f3d8075a32cd0f352c8196226a13c6b0d615ba6