Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system -
submitted
26-08-2024 01:02
Behavioral task
behavioral1
Sample
c1f7e2d6109533a935f0c45432fc8b44_JaffaCakes118.pdf
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c1f7e2d6109533a935f0c45432fc8b44_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
c1f7e2d6109533a935f0c45432fc8b44_JaffaCakes118.pdf
-
Size
350KB
-
MD5
c1f7e2d6109533a935f0c45432fc8b44
-
SHA1
050cddf81b55285180a4bad7e97c46e98795b107
-
SHA256
4310551fb4156d42da0f62fee70ad9d0a14098c883cac0a871f7bcd71cb8914c
-
SHA512
9cd5f783cfe12fa49c3a70bdf65b7d57e803a66d49f3ab773e5d438388a11ef1899a5779f9f669f397169eabfa3adbc54918b00bcb1a0204463fde0d9f49f2e7
-
SSDEEP
6144:3hS3tTR1FsjV0QX+5KYtPEq0kYeOMVBpFsDU1ZKVfXyuuTNPgMtP1d5FMvtHGc:3kVsR0c2DYeOMVBDrZWfju5P/9vFg
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened; IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
PID: 2348; Process: AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
PID: 2348; Process: AcroRd32.exe (reported four times, same process)
Processes
-
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c1f7e2d6109533a935f0c45432fc8b44_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2348
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
9a116b7030e23420decc6008d98a7fa2
SHA1
c485176a7aeb318f323aa8db04bbc3042fb613b8
SHA256
cba03177b0d35c56ff9e0c84988327dd96e4807047fb6174948ea0f1cb53bcae
SHA512
ff96c9923ed7d7154024e1caef1200d618856e24f16798bcc584e7151b32d945ccb6b1cfff768f14a52b1f5c134d8e87428f39a15ed5e8e3dddd3e4196d50faf