Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20240705-en
resource tags: arch:x64 arch:x86 image:win7-20240705-en locale:en-us os:windows7-x64 system
submitted: 29/08/2024, 09:50
Behavioral task: behavioral1
Sample: c8978fe8f111bda0827a60c94dab9503_JaffaCakes118.pdf
Resource: win7-20240705-en

Behavioral task: behavioral2
Sample: c8978fe8f111bda0827a60c94dab9503_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: c8978fe8f111bda0827a60c94dab9503_JaffaCakes118.pdf
Size: 50KB
MD5: c8978fe8f111bda0827a60c94dab9503
SHA1: 3ef04727b9804a2a3c7f4e44939c4ecc4aea6574
SHA256: cc871957a3d0af6e2b3ed70cec48525ad65f2f66a3303f5df37e612cdafd8f21
SHA512: 96c71e15882865db00287ea9444db71dfe93e060d40f90cd0b853d08bbd8fc46ac82c3c26aa2d12f4db85dbaf844a049584153e02824a8bbbff61552f22ef0fe
SSDEEP: 768:20gGzpDAY3le/erD8Ym1NIZCoPg0CdHcGG1Qa5xDHvDlMEBFGApI3DTtrWER:mGFMJcBCd891QafxBFXYNrWER
Malware Config

Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2852 | Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2852 | Process: AcroRd32.exe
pid: 2852 | Process: AcroRd32.exe
pid: 2852 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c8978fe8f111bda0827a60c94dab9503_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2852
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 732f7b60e60308a6e863e9dfb1978ddb
SHA1: 408f82529367a8634153747c4e3c168bf196103d
SHA256: 323c1120f9d1d86e741e98792e4d6a5dc84ec9f7a37d9d5df0a9c6d7025426ae
SHA512: e413cb97fee67c1ead4a2b6a7aceaf8533681065dfbfe0b48526f18b5366df3117011dd1fe7357bff657cd0aa5396c4942eb94cfb953b0b94a0bd2de4f3f5981