Analysis
-
max time kernel
121s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system -
submitted
22-07-2024 13:52
Behavioral task
behavioral1
Sample
636ca715bd91809d852d9da1e8fff03f_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
636ca715bd91809d852d9da1e8fff03f_JaffaCakes118.pdf
Resource
win10v2004-20240709-en
General
-
Target
636ca715bd91809d852d9da1e8fff03f_JaffaCakes118.pdf
-
Size
115KB
-
MD5
636ca715bd91809d852d9da1e8fff03f
-
SHA1
77155b65f7e54fe070c6b376b2dc315b2272b0c5
-
SHA256
6dedf00ee45afa56e70f51957551e2d1fbf6e86261fad45c2cca90a909fb7d03
-
SHA512
a0bdc754ba4bcf96d8866d9041b6ef50b5f230e364e4078f2d6e51ef3727f64a8546b64c06c947126761de679864b31d338b40e88f47199c3468af8c53b9c4f1
-
SSDEEP
3072:gzIjoGTTnORO33OKN399Jo/CVP6ZfCj1WZrnNRPSzaiJ:gzIhTOK79K/SiYWMP
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2292 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2292 AcroRd32.exe 2292 AcroRd32.exe 2292 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\636ca715bd91809d852d9da1e8fff03f_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2292
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 04e465555c0a65759b67b0567b38aec1
SHA1 adfb2eb213fdf7e0383ea6ad21a896eb9807668a
SHA256 4605a605faa6d8c25990637cd6b62369aefd96109eb0fbb6207ac7b6c6e0d752
SHA512 be57e9f02164a27aef199e8acd00cc074a28576b0547c6916bcf44f1a65bb865eb003710696f16c34bc010588309cc3178a1446343112fcfb89b179f55ece945