Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
06/07/2024, 00:38
Behavioral task
behavioral1
Sample
273ce600b58907ccd0ecca8e586d3ab4_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
273ce600b58907ccd0ecca8e586d3ab4_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
273ce600b58907ccd0ecca8e586d3ab4_JaffaCakes118.pdf
-
Size
73KB
-
MD5
273ce600b58907ccd0ecca8e586d3ab4
-
SHA1
cc4808bf6a95887a6a752460a58cd5174b7ac9da
-
SHA256
ce8410cf5277847d2f34816be10083efdc945569dab1c93ab61be82b28b38468
-
SHA512
3c0c509d16bdff463160c993f529d8b9ab616d47e08b4a3322438a3ad087be48f80260d77ae9473a323696890160014dd6bb24d323fadc8ce93a5354de09c01a
-
SSDEEP
1536:0CZyVM1ezZglhrPNqh5wwcVdbKZHCIsh0UWxrT1DBwFX3rCW8pO+25s:9ZedgfrPZ2ZHk01rTDwFnrt+B
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2476 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2476 AcroRd32.exe 2476 AcroRd32.exe 2476 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\273ce600b58907ccd0ecca8e586d3ab4_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2476
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD53d5c1ae0d92f299004a1bd5aa08e9e44
SHA177f77559bf6af7b34a484ca400e877cacbdc0721
SHA256daedf09af474b4168b0b963c77de9bb8036f00b2f027806de681a9a227f9a8ef
SHA512e0ee655d87f015a8ecc304324966e612ca577abb14bfa1e85989a1376f37e83755b1e830b2e658f2534157045ab99329c065858b8d39dc0130d7ee31463f2207