Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
08/09/2024, 09:38
General
-
Target
d40ecbcee3d5e2593d28729241256dc4_JaffaCakes118.pdf
-
Size
51KB
-
MD5
d40ecbcee3d5e2593d28729241256dc4
-
SHA1
c501ce91762934beedf62bfeb01c66f9cebde0d2
-
SHA256
641819571538b6c8381e21e42be64fb521bda4663e2bcc8d691d8a41785c73ac
-
SHA512
5b508e7dd2efc8ef5fb1c413a24e44a10ffbb6765c0318e16d4fa60fb76734cc0efa81748ea24a3225596eed0e42f8540d7fb106cea62c73cfb8ddaf0b09bf5e
-
SSDEEP
1536:PXFZmGWSv8dE/P8rpo3yECTEUoMUiLGSRvQWR8sv1TDn:/ysvbUo9ijvNtX
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d40ecbcee3d5e2593d28729241256dc4_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD56767266cd325363022f665d5b4846c96
SHA1b0fd25177d45a3410739b8e5ea06fb5ed64aab35
SHA25680c918a29928f50489372fe281e71a89b7b8ad406670d0f77c434b08c8e79346
SHA512805f86ba5872fca2a1db8672e38746d393d581664a539992252dc4dd6ab91ab60aaa7c8d130fde3b501be713684a63e6565090a5a6a8a67eb9431b042df69c46