Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system -
submitted
06/09/2024, 14:49
Behavioral task
behavioral1
Sample
cfc9f9fb1f2aaac4ea19b920a3812a62_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cfc9f9fb1f2aaac4ea19b920a3812a62_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
cfc9f9fb1f2aaac4ea19b920a3812a62_JaffaCakes118.pdf
-
Size
39KB
-
MD5
cfc9f9fb1f2aaac4ea19b920a3812a62
-
SHA1
388fc26258aefd174d64870d266b9a5e46cd1ca3
-
SHA256
b022f735ca22bfb998ffd1e729b04d06191c6a9717424e351bef36271308c7e7
-
SHA512
673fbe911f5e4cbf8448e834b3243cbef3c2d4971dbbe40f1117a080a1e7b1be6e97f4cbb89868fd00c080beee4fbe74bc7dd9bd90eac0e496a0c2a0a0184af4
-
SSDEEP
768:vXuMZmwgCLWar6AwPkuigE6fmx1FQFpf2frPqK3b4EGHiqe6Bufq1EYGWLata0Qo:vXFZmGWS6AwPkuigE6mx1FK4iK3b4EGa
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of the victim host in order to infer its geographical location. Reading this key is also routine for many legitimate applications at start-up, so on its own it is weak evidence of malicious intent.
description: Key opened  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language  Process: AcroRd32.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 2656  Process: AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid: 2656  Process: AcroRd32.exe
pid: 2656  Process: AcroRd32.exe
pid: 2656  Process: AcroRd32.exe
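The three signatures above, re-implemented as detection logic over constructed sandbox events. This is an added example and not the sandbox's own rule code: the event schema (`type`, `pid`, `process`, `key`, `api`), the sample events, and the call-count thresholds for the GetForegroundWindowSpam and SetWindowsHookEx signatures are assumptions, since the report does not state how many calls trip them. The registry-key match normalises case and the ControlSet number so that ControlSet001, CurrentControlSet and HKLM-prefixed spellings of the same key all hit.

```python
"""Added example (not from the sandbox report): evaluate the report's three
behavioural signatures against a constructed list of process events."""
import re
from collections import Counter

# Registry keys flagged by "System Location Discovery: System Language Discovery".
# Stored in normalised form (upper-case, ControlSet number stripped).
LANGUAGE_KEYS = {
    r"\REGISTRY\MACHINE\SYSTEM\CONTROLSET\CONTROL\NLS\LANGUAGE",
}

# Assumed thresholds; the report does not publish the sandbox's real values.
FOREGROUND_SPAM_THRESHOLD = 50   # GetForegroundWindow calls per process
HOOK_THRESHOLD = 1               # SetWindowsHookEx calls across the run

SIG_LANGUAGE = "System Location Discovery: System Language Discovery"
SIG_FOREGROUND = "Suspicious behavior: GetForegroundWindowSpam"
SIG_HOOK = "Suspicious use of SetWindowsHookEx"


def normalise_key(path: str) -> str:
    """Map the common spellings of a registry path onto one canonical form."""
    p = path.upper()
    p = p.replace("HKEY_LOCAL_MACHINE\\", "\\REGISTRY\\MACHINE\\")
    p = p.replace("HKLM\\", "\\REGISTRY\\MACHINE\\")
    p = p.replace("\\CURRENTCONTROLSET\\", "\\CONTROLSET\\")
    p = re.sub(r"\\CONTROLSET\d{3}\\", r"\\CONTROLSET\\", p)
    return p


def evaluate(events):
    """Return {signature_name: [ioc records]} for every signature that fires."""
    hits = {}
    foreground_calls = Counter()
    hooks = []
    for ev in events:
        pid, proc = ev["pid"], ev["process"]
        if ev["type"] == "regkey_open" and normalise_key(ev["key"]) in LANGUAGE_KEYS:
            hits.setdefault(SIG_LANGUAGE, []).append(
                {"description": "Key opened", "ioc": ev["key"], "process": proc})
        elif ev["type"] == "api_call":
            if ev["api"] == "GetForegroundWindow":
                foreground_calls[(pid, proc)] += 1
            elif ev["api"] == "SetWindowsHookEx":
                hooks.append({"pid": pid, "process": proc})
    for (pid, proc), n in foreground_calls.items():
        if n >= FOREGROUND_SPAM_THRESHOLD:
            hits.setdefault(SIG_FOREGROUND, []).append(
                {"pid": pid, "process": proc, "calls": n})
    if len(hooks) >= HOOK_THRESHOLD:
        hits[SIG_HOOK] = hooks
    return hits


# Constructed events modelled on the report's IoCs (pid 2656, AcroRd32.exe),
# plus one benign registry read from another process that must not fire.
SAMPLE_EVENTS = (
    [{"type": "regkey_open", "pid": 2656, "process": "AcroRd32.exe",
      "key": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"}]
    + [{"type": "api_call", "pid": 2656, "process": "AcroRd32.exe",
        "api": "GetForegroundWindow"}] * 60
    + [{"type": "api_call", "pid": 2656, "process": "AcroRd32.exe",
        "api": "SetWindowsHookEx"}] * 3
    + [{"type": "regkey_open", "pid": 1234, "process": "explorer.exe",
        "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"}]
)

if __name__ == "__main__":
    for name, iocs in evaluate(SAMPLE_EVENTS).items():
        print(f"{name}: {len(iocs)} IoC(s)")
        for ioc in iocs:
            print("   ", ioc)
```

Running the block against the constructed events reproduces the report's three findings (one language-key open, one GetForegroundWindowSpam hit on pid 2656, three SetWindowsHookEx IoCs) and ignores the benign explorer.exe read.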
Processes
-
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\cfc9f9fb1f2aaac4ea19b920a3812a62_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2656
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5 96f4f44940976bd0c41d408ee8b14a7e
SHA1 c5df851affd46d09dca744d7607ee6cfc8e6893e
SHA256 f08bf489adea28cbb43110c5f09d82e697e1517794ce18dedaa1b7b5246fe127
SHA512 dda6d81a977b1781275689aabfa585105dbb4821b50750f7fda838dbd07485ed49e975f6dabe7cf68c42df770881b94667d5da777e0919dc696d1b000e044b7f