Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
06-07-2024 00:04
Behavioral task
behavioral1
Sample
273880dca7b7611302daea1523284c5d_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
273880dca7b7611302daea1523284c5d_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
273880dca7b7611302daea1523284c5d_JaffaCakes118.pdf
-
Size
9KB
-
MD5
273880dca7b7611302daea1523284c5d
-
SHA1
3d34c2294a7e17ea436c197451518e82894d33b3
-
SHA256
3338deee842c33ce12f8a802af8cbfc5cdaf04903ab7f47290c11ecec1b09e95
-
SHA512
ce3f4fad4f15dd704622940d9c7f9a10cc399071cbd4d4a0a0b64e701c15f47c34181a8f858474d5ae366865cd94560e3518b94f37ab3fd1f89e89b61e12c243
-
SSDEEP
192:jPz4ULMxLIKXHsfyxOcDqt/JkL+7X09cLfCZcpcDVocsXiB6FcovcN5bjga6xKk0:jPz4ULMxLIKXHsfCOcetSSicLdposyBD
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1620 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 1620 AcroRd32.exe 1620 AcroRd32.exe 1620 AcroRd32.exe 1620 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\273880dca7b7611302daea1523284c5d_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1620
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD520f0a74f18216bd078074e4ed440bacb
SHA157c270eccb935551a343d89893f70b8929685031
SHA25634e0be1ff8cdccf698f7095340cc48b00d4301d1d92cd486bf0eb27dc6804eb0
SHA5123f632437bbdffb4c8ce751331d5c90f57ac3bf48087fdb07df6342a729339eae3252446cc861e820b3b33fd77a0e8ff81af3ce8cdb57cc423c1f1a0a3d7538ea