Analysis
- max time kernel: 122s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240704-en
- resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
- submitted: 07/09/2024, 09:13
Behavioral task: behavioral1
- Sample: d196ba50cbb58344d8dc8a881cfd973d_JaffaCakes118.pdf
- Resource: win7-20240704-en
Behavioral task: behavioral2
- Sample: d196ba50cbb58344d8dc8a881cfd973d_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: d196ba50cbb58344d8dc8a881cfd973d_JaffaCakes118.pdf
- Size: 73KB
- MD5: d196ba50cbb58344d8dc8a881cfd973d
- SHA1: 8f24876a36bac48ae759987a23f5bdb3857924cd
- SHA256: e326c900e1452be9c86c67878965b2683c349d286d250d5c84cc3a5521c7f9da
- SHA512: ed06ee209640f7ac9f235c29ff6e713a1ed1c68c2e02fee5e41e575eedf5c2262090af138e4466896fae4f79e18b96d64ba2caad2c242acc4a756f70a0776512
- SSDEEP: 1536:2AXYkc88XO8m3TRKdqLvKptHvuGnk1y92GdPJW7eniAhr3iJ:/j8ef9IkKptPuGnKOVJoeniAhGJ
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2080, Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2080, Process: AcroRd32.exe (three IoC rows, all from the same process)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d196ba50cbb58344d8dc8a881cfd973d_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2080
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: e7e0b6cec09937a037aac8dc09bbdaef
  SHA1: f7660607e6a49bab99989dd901c7abc6582370f0
  SHA256: 383bf6fcd2b5e3e7a0d62fd63eaea5b5535ac742001367044f34d439c6890c2b
  SHA512: 342d1486c04c394ba1e9d16b79cddb93f54e07d90f42997f422ee13467105bcda20669065ec61e5beda35bea3e0342e0461985f25045ac6150cce9333e0d20d4