Analysis
- max time kernel: 118s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 07/09/2024, 11:52
Behavioral task: behavioral1
- Sample: d1df23a6c519cb6aeacbe84f1e5070f9_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: d1df23a6c519cb6aeacbe84f1e5070f9_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: d1df23a6c519cb6aeacbe84f1e5070f9_JaffaCakes118.pdf
- Size: 13KB
- MD5: d1df23a6c519cb6aeacbe84f1e5070f9
- SHA1: dcadef6a07f7d8d23b45193006955e8edbe7780e
- SHA256: 24bbf2861f68df054841b2c5a0b60577bd99e2e9dcb96fb842c21e8d52c8f96e
- SHA512: b9e1cb14cb957b6ccf74787b07c13675ffd5fc72fa571e62b7d0c3768bff6e1ce9a5710d9f193195464a7145f3cad867491ebf0b76345f2d7ef9769a68ccdc73
- SSDEEP: 384:VzKglM4U74Gop1n4MMtz5mkdiPcPt6DFmTsQw7CQgsE:VzKglM4U74Gop1n4MMtz5mkdA6t6pmIa
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid: 2816 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  pid: 2816 | Process: AcroRd32.exe (4 occurrences)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d1df23a6c519cb6aeacbe84f1e5070f9_JaffaCakes118.pdf"
  PID: 2816
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 64f5e04416f52b4171eaa0fd798f94d7
  SHA1: 329c38c2df559a6639d283fcddf0cb5d7390ac3b
  SHA256: acee6befe32b168cadaa265b331b7a07efe96589bcbc1523929c63d71508751e
  SHA512: aa189e105f7c22d392c7c7330aa63c115aed64059e706efa41cfd0f7285f837914275bd93ec2e11ee47a2c0dd14ba0f8002142db1923f0f18b4143227b7c9c5d