Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
14-08-2024 16:39
General
-
Target
96d5475b801643251c9cd8306fb2d051_JaffaCakes118.pdf
-
Size
90KB
-
MD5
96d5475b801643251c9cd8306fb2d051
-
SHA1
afd6cb70ae4c6ba23d9ffcc69de92bc43e4d7f8d
-
SHA256
00aa4a4b3b9f91707c10ed1b348221f8463492fa65948521e6dd787b4040df04
-
SHA512
8dcb1b68b72392a920b7e565ded573544c9de2fc2042ff7073fc8e99d272c1ca8dcf8e36add00fff5e59e5f7db75ede5c2c24337c7b64a0792069f2db55a4fda
-
SSDEEP
1536:pJr5U9eQrOLDaq03+JfqUyFHSnBy3vcogYooCzd6oS9hWOpOwrKWzb+kIHC6k:nr5U9OLfo+JfEFHSnU3vAYojkP9ewrRt
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\96d5475b801643251c9cd8306fb2d051_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD592928f2f1cec42143c9ec84bc06d9deb
SHA1e8ee21e1fa354b4a95472ab85accc5be33a5c18f
SHA256c7c31fcf3ec72e8fadbc5869f84d63956aa4d37b985845ab2ed1c5a57529d395
SHA512d0c56d0fbcbdb1e5bea16cef8a30372904138e6f9b06ca987dd6c2d4e869042f3e5c1ccdb71067a4f3198a664e46a3d007c15590a7bf6e1f1a118bc664e43210