Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
06-09-2024 13:56
General
-
Target
cfb04d3d0a296cfc7839dddc362cede1_JaffaCakes118.pdf
-
Size
17KB
-
MD5
cfb04d3d0a296cfc7839dddc362cede1
-
SHA1
0fd144591566e22fda6f90d6f230c0e4edb00897
-
SHA256
4ebb1c8ec360da3de27bf2dbe39d821dba61af50cc70403bdbfd5a8533d6789c
-
SHA512
0998711ed4e9b29127e795c5c534892e236c80dfd4b5763ec6ca72c48a129a66059d08f230625ea64cebb5da3ef185d54e0156a0fa9ce481fba03d0177003f98
-
SSDEEP
384:ZPV1vaahhkANUxSqeak53iyuKFQkoucC6jcVvEcAa0rkQnOGGYB:owZNibMiNKFQko9CNEcAa0rky9
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\cfb04d3d0a296cfc7839dddc362cede1_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5aa8b0f6b8edcaf4a9a596af27b85be53
SHA13ba35c4575e2eda4673c6e47c83ee38d3615f243
SHA2563fe2ff7945f2ee2d4776a6e78e5f5babc0eef35b7e31fe8844e9a2033469bf5e
SHA512fa27b5597e9dc87ff99049ea9d21a7de1447f93aa6cae4ed98e1cff022fc362bb00b1b63a67abe58de8713841e42a40ed1b020b86466357b1670b1935cc1bcf8