Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
08-09-2024 09:42
General
-
Target
d4112e90d0c8f48a85a9995171fd1b45_JaffaCakes118.pdf
-
Size
17KB
-
MD5
d4112e90d0c8f48a85a9995171fd1b45
-
SHA1
3edff819c0316a36d983f4f20f8a460bf6505393
-
SHA256
6d293c582b4dc48b11e5826225eccccc5623003aa1661548d12f2f629d68d841
-
SHA512
71677db1ff91d067daa3bbf6becbed70deedae7dc61dcebe56e81baa55e0ca4e91f2931a38c7f8c0c43ba525f8f0e5ed0e2a85c4b1a9296910d27d0dfc69263f
-
SSDEEP
384:VzaB8fyz9S8z1/1wjYMaPpM5K7i2cHtE11iwcqfiFcD70+C4JVdka6kNXgp0gEDV:Vziz5z1twjYMahGK7ihE11iMfiC7074H
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d4112e90d0c8f48a85a9995171fd1b45_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD53257e9aac0a298be31d9c0f9f7f64262
SHA1fba756f3761ce0782c81e05108bae5265de349c0
SHA256ccb7f5ffaff2a9ef6482390c21e588802949cf6b982b607058eb85637a825307
SHA51259f674b344bf1476a0dc07e896c6f408392b1bae40368229a02cfff1f7de7a44d294dbf7e1010876f8fd42f6476d31b08ffc92f0d95a6479c5e1c085b48e36cc