Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/09/2024, 23:34 UTC

General

  • Target

    d0a6a9502a173a912016e29bc54b7396_JaffaCakes118.pdf

  • Size

    84KB

  • MD5

    d0a6a9502a173a912016e29bc54b7396

  • SHA1

    9c2abbfcbda6cda5af3806251cadfa71e24be55f

  • SHA256

    60ff9ba34e01416ca2c4e705e476ab0605486b8a0cff9237d702e965fc999501

  • SHA512

    47ce6a004010db785f8e8b602337fc39bf822e1045d34d8f588856c3f6c09e60fae5e320f5cfe546bc175e1e4fb50c0f3c02e49ed178d1b593efed03d437d755

  • SSDEEP

    1536:J3SSGh3TXWef+7pHseheYLjcTdaNbpMPIW+1ZJDmMt5qXQl0W8pO7iu/9D:xGh3TXcxhEYLjgIbpMPQZJZt8glH7D

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d0a6a9502a173a912016e29bc54b7396_JaffaCakes118.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2340

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    9264e75ad11a3cec931138d1630fbd14

    SHA1

    ec212ada9cd594bb6c23da18124ff0b922ccf0a1

    SHA256

    fbe4bf97569609c82935bbe258bff78177279c1d0cb5fcbc52f68d5667b28549

    SHA512

    0b21ec102f8d321c83910535c3e282faf2d88afd7c044c186d4b88f609b07be9b13368224b6a49a3848185cf3e6eb932e999a480f135157d4f57da43eabc99a8
