Analysis
max time kernel: 120s
max time network: 124s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 06-07-2024 05:28
Behavioral task: behavioral1
Sample: 2766a216d4389d24d0a6ff68b6d6f273_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2766a216d4389d24d0a6ff68b6d6f273_JaffaCakes118.pdf
Resource: win10v2004-20240704-en
General
Target: 2766a216d4389d24d0a6ff68b6d6f273_JaffaCakes118.pdf
Size: 15KB
MD5: 2766a216d4389d24d0a6ff68b6d6f273
SHA1: 4a60a6b634a0396dc1a3124b0d20ccb6da859cf3
SHA256: da3d7ec660dacc37029c2e462b8f2b4b12fcb428d0c6aed04cb2a77c9804ea5d
SHA512: 1a9f74f7bf81d7dd441ad216aa5a3a77fcc81bc71745629acfb23da1435b0be3118fc6ccbf9ee94eef65b3e9c698225e6f2a623aad5e389d7af1110da67a6280
SSDEEP: 384:nP5uA6SkJ1OZgVcL2mouNvFMh8tQ9JhI7A98ik+hobo9kNmQq5OD4KYx:qONSmZFMhV9JwFiJhtqQQ5m
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2792  AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid   Process
2792  AcroRd32.exe
2792  AcroRd32.exe
2792  AcroRd32.exe
2792  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2766a216d4389d24d0a6ff68b6d6f273_JaffaCakes118.pdf"
PID: 2792
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 558517d123b63d81c5ab036afdda0118
SHA1: 8f83b4c7f550ee4c4e67f484e65034a125cf59d8
SHA256: e88cefae7b92d9076938f999d4f3ef97a425654dd882b196b953f7487e1a47ce
SHA512: 9792b5d30efe32215776d2b591067488f68126d7f118184c0e423a4e6e13219961d7bc1a55f4afba277f7125775546faaf78d01aadd2b71d393d65c7402258db