Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
08-09-2024 19:58
General
-
Target
d5064005946a29cff638bbf343158f9d_JaffaCakes118.pdf
-
Size
110KB
-
MD5
d5064005946a29cff638bbf343158f9d
-
SHA1
48e12683496ae35c31f69f919f93ce9cf43b62ba
-
SHA256
36ee9e282a1d4a4f18786f011eb3d13ddb1a2228063669b6365b8a897282733c
-
SHA512
81cb0439a1803e65923711d94560342b335ab63b17ef5c540ed127bc87f1063c6bf64c0ea4d43e25a526b937c244ae5a9c7925f13ae3ef1d74d963f789e72d70
-
SSDEEP
3072:h/WNWzjHJVmJp8y52i5fTMmhYKhpakd/wEs:h/WXb8026LFnskZwEs
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 5 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d5064005946a29cff638bbf343158f9d_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD55d6cf0b6854a6f54a05f6bb321f75c9d
SHA134c48c823873aa7a3ebca326bb6d651f58267505
SHA2560259f62efdb81f9d5cc09f0c441c0c4c1e579f4316329a7d07871d07d537ab05
SHA5127521315fa586eb384c8e446f299d3c349e443cb5e96d0dc65694664f8d30060352882064a98b8cc2fe6d8ee608c8ce272c54a91f7ffe2a73be7c5f2eeff32d8c