Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    12/08/2024, 11:38

General

  • Target

    8e98459fea0b25797c483eca0102acea_JaffaCakes118.pdf

  • Size

    19KB

  • MD5

    8e98459fea0b25797c483eca0102acea

  • SHA1

    567fdf8fe021295fb953cc5d777cdf8aaf389baf

  • SHA256

    c9ca8f1df33e493e51c90536cb02bd91a5a363b4ce41d815d96f4b5016d19237

  • SHA512

    06a03b6d423c1a279f6a36227cc69d81d550dffeae2d25d8eaaa8184aeea310ffeb4bc7f4eabb55534473ada22f2b174421f5d9c149ea37616d32b01ea759b05

  • SSDEEP

    384:VzVEiUDSiz1Kc1e1nOffMIfaHmPYSoJ0oCgW8a272qdo8qPP4MH5XCvq3EbGqcrO:Vzepz1KMsOsDGQtJrCgHa2RdlqojS8l/

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8e98459fea0b25797c483eca0102acea_JaffaCakes118.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2356

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    04d6dd0bd97eb16d850a29080e4a62ce

    SHA1

    b8465ebd01eaefec04be50c629f6d7bee37b1c08

    SHA256

    3df6a29d206609131ca197f73834a7e4a2e99fdfa404b0af247bf57a73aa176f

    SHA512

    f7e5cccc103aae92879e30f3555bcf2bb98974730ef6b73ec5d52359a6c8c77d412fd2538e3131762bc25794520bfcdc0b8e31aac1ed64aea662c727e67f8adb