Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 08-09-2024 09:00
Behavioral task
behavioral1
Sample
d3fe125d8ecf1f4c208d07417d74953b_JaffaCakes118.pdf
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d3fe125d8ecf1f4c208d07417d74953b_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
Target: d3fe125d8ecf1f4c208d07417d74953b_JaffaCakes118.pdf
Size: 58KB
MD5: d3fe125d8ecf1f4c208d07417d74953b
SHA1: b9459d53420940eeb558e948f64a27e7dbfff700
SHA256: 13776aceaa532420d6963846e1770512d59b33f3b924db75ff577178d92d78c3
SHA512: 12d0dfad299bd3b39a6c03a91fa3dcfe1540fec37c97685ccdb2fe9ad24879e720eb19e46fa65bf084ac9dac3b16530f40ea2e8dc45a47dcd5ccbf65612b34e0
SSDEEP: 1536:FtpkNjEPs3GSlFbV2W7ARaAcHIMpA1mo279PCPlhPuBUqlFpJ:za4U2Slp8lGHlps3P0v5
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 1604 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid: 1604 | Process: AcroRd32.exe
pid: 1604 | Process: AcroRd32.exe
pid: 1604 | Process: AcroRd32.exe
pid: 1604 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d3fe125d8ecf1f4c208d07417d74953b_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1604
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: bd8029092b1ff072ed81f36f0089ba47
SHA1: d746ba7164594002d42620b6de02ee4c31473f8d
SHA256: bdf0c586f79bc3cd18fb78fbde9478f0ccc062df8de4c6697b7be08e950a4dc8
SHA512: cb7a9abec6c970e1231758ddf54c6256876ce683b453efc30e5f83b8542c13a5979b2cb0af245ebccf5e65fce63ddfa66dc28ae77fe7a0f0bfd7f784bdb666c2