Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
25-08-2024 14:39
General
-
Target
c0f3a248c4c38375158439ab4860cf98_JaffaCakes118.pdf
-
Size
73KB
-
MD5
c0f3a248c4c38375158439ab4860cf98
-
SHA1
2e8f03e36e439db96377fa972d4bb3c62648e45e
-
SHA256
9ade3b5bd4161be40e031c1653c078125a2b4bbd24133c1dafd137585e2a4316
-
SHA512
fcea0cfc235e7219d42495dd8a15df371124ee6656af21123cff56cb72345d74fa841f0b0a2e4b0f3c73de8435cb7c5ff45d1b42ae07b4e57a641ba8f83c2baf
-
SSDEEP
1536:dqkV8dRZgpmLjXo40K6Cbl4+QYjd8E5ceMq+wcr7Lpv3nJotnMIC:d8/poatR0ud8E5Vd0/pxoZ4
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c0f3a248c4c38375158439ab4860cf98_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5abadb53c81a75fd86133a5ef3e8173bb
SHA1e05a0d683c106c30fd0e1661c25b5c7ad573b7e3
SHA256c2dff514e057558a16b137e2585ad996834f738c96eecdffbcca637918fd4993
SHA512270822e3561270bf522aff483c2c7bc229ff6ceeb4ddef73990f7c6a3159e17e603b5db9816fb7e359495df172df5e263318da5a7141dd60f7bbbc142efc2f2c