Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
06-07-2024 05:16
Behavioral task
behavioral1
Sample
275e2446aeffb88434385092a52b37df_JaffaCakes118.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
275e2446aeffb88434385092a52b37df_JaffaCakes118.pdf
Resource
win10v2004-20240704-en
General
-
Target
275e2446aeffb88434385092a52b37df_JaffaCakes118.pdf
-
Size
9KB
-
MD5
275e2446aeffb88434385092a52b37df
-
SHA1
f882a9414601216c7227bdda2a39d3a73fdeaea2
-
SHA256
756dca4a5046f1960efa0dc3cfe66e683a1537b54e600fc68c5ac3c3161aa0a2
-
SHA512
a09de1d17649ca5f4559c8d22f57432807d1f7b87ad2e96214edaca247a48ab8b37aa88e5904bdd95861eab9b446f609048b44a7935f5d2ab6f0da869b9c7ce3
-
SSDEEP
192:4Pz4ULMxLIKXHsfyxSPxVF8FxVN/Dariy1ftUq9t8HEYiOxkXsfiu8y3zBgEQi5v:4Pz4ULMxLIKXHsfCS5VmV+WqP8g2fiib
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1252 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 1252 AcroRd32.exe 1252 AcroRd32.exe 1252 AcroRd32.exe 1252 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\275e2446aeffb88434385092a52b37df_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1252
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5b4ed9815ce19cc65876b7d42d4810fa5
SHA10e88c4106e173335747b9c0dfedcd6bb444d7752
SHA256be3ec54f3490dc0606f0344deb778249883841a9bcf9110d9d573b0185fbd091
SHA5123dd9b343738a7d6c2e83e7be8557a305f3583d949b684a464497fc272b5eae8f1ae410a61bfda2db2c666a3ac44efa7a5f8b17434cb437e9f1d78d011d842b5f