Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system -
submitted
22-08-2024 21:33
Behavioral task
behavioral1
Sample
b939bc3c561ecb277c471d4f80a111d0_JaffaCakes118.pdf
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b939bc3c561ecb277c471d4f80a111d0_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
b939bc3c561ecb277c471d4f80a111d0_JaffaCakes118.pdf
-
Size
89KB
-
MD5
b939bc3c561ecb277c471d4f80a111d0
-
SHA1
41df7685aa9b264af4d7ebb0b0237218699faaa3
-
SHA256
bf334e7a6c76616daf8ba6ede0ba101efc58110e340b3f809ae2761e8a8e64a1
-
SHA512
50df9194a5200f4f579139b87f6774632457ce7389fd0f747d79fb836f4cd9f684d9c49eb1cbf74bad75eabb07cd34213fe9baeed755f68c1451517aab483823
-
SSDEEP
1536:GwvqXIySXZ7umPSPOx5IqFSTozSF65WELOUOyEWkvPzBXg+5WcpOmZYQn:/C4F81POx5IIqozSf5UOyw3dQ+wmj
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 2688
Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid: 2688
Process: AcroRd32.exe (reported 3 times)
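All three signatures above are attributed to the single AcroRd32.exe process (pid 2688): a registry open of the NLS\Language key, repeated GetForegroundWindow calls, and three SetWindowsHookEx calls. These are low-specificity behaviours that the Reader process commonly exhibits on its own, so a detection engineer weighing this report would want to see exactly how each IoC is derived from the raw API events. The block below is an added example, not the sandbox's own signature engine: it reproduces the three signatures over a constructed event log. The event format (pid, image, api, args), the GetForegroundWindow threshold of 100 calls, and the hook-ID values in the sample events are assumptions.

```python
"""Re-derive the report's three behavioral signatures from a constructed
API-call log (example code; the event schema and threshold are assumptions)."""
import re
from collections import Counter, defaultdict

# Constructed events modelled on the report: pid 2688 is AcroRd32.exe.
# The Adobe key open is a benign control; the hook IDs are made up.
_REGISTRY_EVENTS = [
    {"pid": 2688, "image": "AcroRd32.exe", "api": "NtOpenKey",
     "args": {"key": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"}},
    {"pid": 2688, "image": "AcroRd32.exe", "api": "NtOpenKey",
     "args": {"key": r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0"}},
]
_HOOK_EVENTS = [
    {"pid": 2688, "image": "AcroRd32.exe", "api": "SetWindowsHookExW", "args": {"idHook": h}}
    for h in (2, 13, 3)
]
_FOREGROUND_EVENTS = [
    {"pid": 2688, "image": "AcroRd32.exe", "api": "GetForegroundWindow", "args": {}}
] * 120
EVENTS = _REGISTRY_EVENTS + _HOOK_EVENTS + _FOREGROUND_EVENTS

# Assumption: the report does not publish its spam threshold; 100 is illustrative.
FOREGROUND_SPAM_THRESHOLD = 100

REGISTRY_OPEN_APIS = {"NtOpenKey", "NtOpenKeyEx", "NtCreateKey",
                      "RegOpenKeyExA", "RegOpenKeyExW"}
# Matched after normalisation, so ControlSet001/002/... all hit.
LANGUAGE_KEY = re.compile(r"^HKLM\\SYSTEM\\CurrentControlSet\\Control\\NLS\\Language$", re.I)


def normalize_key(path):
    """Map native NT registry paths (\\REGISTRY\\MACHINE) to the HKLM/HKU form and
    fold ControlSetNNN into CurrentControlSet so one pattern covers every control set."""
    p = path.replace("\\REGISTRY\\MACHINE", "HKLM").replace("\\REGISTRY\\USER", "HKU")
    return re.sub(r"\\ControlSet\d{3}\\", r"\\CurrentControlSet\\", p, flags=re.I)


def match_signatures(events):
    """Return {signature name: [IoC dicts]} in the layout the report uses."""
    hits = defaultdict(list)
    foreground_calls = Counter()
    for ev in events:
        api = ev["api"]
        if api in REGISTRY_OPEN_APIS:
            if LANGUAGE_KEY.match(normalize_key(ev["args"]["key"])):
                hits["System Location Discovery: System Language Discovery"].append(
                    {"description": "Key opened", "ioc": ev["args"]["key"],
                     "process": ev["image"]})
        elif api.startswith("SetWindowsHookEx"):
            # One IoC per call, which is why the report lists the same pid three times.
            hits["Suspicious use of SetWindowsHookEx"].append(
                {"pid": ev["pid"], "process": ev["image"]})
        elif api == "GetForegroundWindow":
            foreground_calls[(ev["pid"], ev["image"])] += 1
    # Spam is a per-process aggregate, so it yields a single IoC per process.
    for (pid, image), n in foreground_calls.items():
        if n >= FOREGROUND_SPAM_THRESHOLD:
            hits["Suspicious behavior: GetForegroundWindowSpam"].append(
                {"pid": pid, "process": image, "calls": n})
    return dict(hits)


def ioc_counts(events):
    """Signature name -> number of IoCs, matching the 'N IoCs' figures in the report."""
    return {name: len(iocs) for name, iocs in match_signatures(events).items()}


if __name__ == "__main__":
    for name, iocs in match_signatures(EVENTS).items():
        print(f"{name} {len(iocs)} IoCs")
        for ioc in iocs:
            print("   ", ioc)
```

Normalising the key path before matching matters in practice: a rule written literally against ControlSet001 misses a guest whose active set is ControlSet002, and a rule written against HKLM misses the native \REGISTRY\MACHINE form that kernel-level tracing reports.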
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b939bc3c561ecb277c471d4f80a111d0_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2688
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
ae5516fa65048f2faf941565dd7d4273
SHA1
244ea9925238a284d4bb13490591971cf71624db
SHA256
bd04a8ec8126187c1d4d8d84b2d336a080cbc3d9615342d250a3089f72895724
SHA512
5a2b12079b6c758a9cb9dece4ef09ad64c4b65625f8eececc3bcf07ca761407de19d9d6a80f86a0f062d399b3ac6c5f0b8a822d947dfe29aa5a2fcc2f8e21c75